Let's talk

Terms and Conditions

DIPER DESIGNERS L.L.C. (“DIPER”) offers design, consulting, and construction services for commercial and corporate spaces, as well as logistical support for product launches and commercial events, among others. In the development of its activities, DIPER processes information linked or that may be associated with natural persons (“Personal Data”) through various means, including:

  • Website: www.diper.com
  • Email: diper@diper.com
  • SMS, MMS, and other electronic messages
  • Social media

This “Privacy Policy” aims to inform users of DIPER about the practices and procedures for the processing of Personal Data when DIPER acts as the data controller.

Identification as Data Controller

The following are DIPER’s identification details as the controller of Personal Data:

Legal nameDIPER DESIGNERS L.L.C.
Address7335 Presidents Drive, FL
Phone4078529428
E-maildiper@diper.com

Processing of Personal Data

DIPER will process Personal Data, including its collection, storage, use, consultation, processing, circulation, reporting, updating, compilation, exchange, modification, correction, management, deletion, assignment, transfer (to third-party data controllers independent from DIPER), and transmission (to third-party data processors acting on DIPER’s behalf), in accordance with the Privacy Notice governing the specific terms of the data subject’s consent, this Privacy Policy, applicable United States laws (including the Florida Information Protection Act – FIPA – and the Federal Trade Commission Act – FTC Act), and, when applicable, the European Union General Data Protection Regulation (GDPR).

Personal Data Subject to Processing

The Personal Data processed by DIPER includes:

  • Information that personally identifies the data subject: name, identification, nationality.
  • Employment information: name of employer, job title, level of influence in decision-making regarding event and stand-related projects.
  • Contact information: email address, phone number, mailing address.
  • Interactions with data subjects: contractual history, correspondence (emails, surveys), PQRS (requests, complaints, or claims).
  • Information on shared content and services: user interaction data regarding the use of the services offered.
  • Online browsing information: device, IP address, operating system, geolocation, browsing details, access dates and times, session duration, user activities.

Processing of Sensitive Personal Data

DIPER does NOT process sensitive Personal Data, understood as data that may affect a person’s privacy or whose misuse may result in discriminatory treatment, such as health data, biometric data, racial or ethnic origin, political orientation, religious or philosophical beliefs, union membership, social organizations, human rights organizations, or political party membership.

DIPER’s services are NOT directed to individuals under 18 years old, therefore such Personal Data will NOT be processed.

If the involuntary collection of Sensitive Personal Data or data from minors under 18 is discovered, it will be deleted immediately.

Ways Personal Data Is Collected

Personal Data may be obtained through the following means:

Directly:

Data collected through contact channels, applications, and electronic forms, as well as through the website www.diper.com

Through our social media channels:

DIPER operates on the following social media platforms:

  • Facebook: Diper Exhibitions
  • Instagram: @diper_exhibitions
  • YouTube: @diperexhibitions
  • LinkedIn: diper_exhibitions

Data subjects are warned that when using social media to post comments or opinions, they may disclose Personal Data to third parties unrelated to DIPER.

Automatically:

Through cookies, web beacons, and other technologies that allow traffic monitoring on our website. At the end of this Privacy Policy, you will find information on how these technologies work and how DIPER uses them.

Automatically through third-party services:

Automatic collection of Personal Data may originate through third-party websites, including Google Analytics UA, Google Analytics 4, Facebook Business Manager, HubSpot, Hotmart, YouTube (when watching videos), and social networks such as Facebook, Instagram, TikTok, or LinkedIn (via plug-ins when the user chooses to “share,” “like,” access, or share content). These services may collect data such as IP address and browsing history. Please review their respective privacy policies for more information. DIPER does not control the Personal Data processing operations carried out by these third parties.

If the data subject prefers to avoid automatic processing through third-party services, they may log out of their social media accounts before using the website or adjust the privacy settings of the application.

Processing of Personal Data by Third Parties

DIPER may process Personal Data through commercial partners, in accordance with the Privacy Notice or transfer (to independent data controllers authorized to process Personal Data) or transmission agreements (with data processors acting on DIPER’s behalf). Examples include:

Service providers:

Personal Data may be shared with data processors providing services needed to fulfill processing purposes, such as user registration services, data analytics systems, messaging companies, payment gateways, fraud prevention and credit risk reduction organizations, advertising and marketing companies, among others.

Below are third parties that may require authorization to process Personal Data, along with their Privacy Policies:

Hubspot: https://legal.hubspot.com/privacy-policy

Third parties independent from DIPER:

We may transfer Personal Data to third parties who will process the data in accordance with the Privacy Notice, the FTC Act, FIPA, federal data protection laws, and when applicable, the GDPR, as well as other applicable regulations. Transfers may occur to third parties offering payment processing or content delivery services on the website.

Regarding international transfers of Personal Data, once the user accepts the Privacy Notice, it is reasonably concluded that the data subject has granted express and unequivocal authorization for such international transfers.

For transfers involving data subjects located in the European Union, DIPER will implement mechanisms required by the GDPR, including Standard Contractual Clauses (SCCs) issued by the European Commission, along with transfer impact assessments when applicable.

Commercial transfers:

DIPER may consider selling or purchasing entities, expanding its business or services, or being acquired by third parties; in such scenarios, users’ Personal Data may be transferred in accordance with the purposes established in the Privacy Notice and this Privacy Policy.

Purposes of Processing

Personal Data will be processed for the following purposes:

General purposes

  • Verify the identity of the data subject.
  • Address inquiries, requests, complaints, or claims.
  • Notify changes to our Terms & Conditions and Policies.
  • Enable compliance with contractual obligations and legal duties.
  • Conduct database transfers through mergers, strategic alliances, reorganizations, assignments, or asset sales.

Marketing and promotion:

  • Explain our products and services.
  • Conduct marketing, advertising, loyalty, segmentation, and similar activities.
  • Recommend features and services and identify preferences.
  • Send information about our services via email, social media, website, mobile app, and other means.
  • Respond to service inquiries.
  • Send invitations to events and training sessions.
  • Register comments and feedback on our products or services, which may be published on our website with user authorization.
  • Conduct marketing activities and follow up with individuals interested in DIPER’s services, including contacting them to provide information and support potential contracting processes.

Contractual management:

  • Provide customer support and service.
  • Address and resolve warranty requests, payment reversals, right of withdrawal, and PQRS.
  • Monitor compliance with contractual obligations, including use restrictions for products or services.
  • Send relevant information for contract execution.
  • Conduct queries and reports to credit bureaus to verify compliance with credit obligations or report non-compliance.

Regarding the purchase of products and/or services:

  • Provide post-sale services.

Internal management:

  • Collect information for commercial and marketing research, including consumption habits, preferences, purchase interest, product testing, service evaluation, satisfaction, among others.
  • Develop new services.
  • Conduct audits.
  • Manage database and system security.
  • Conduct economic and accounting management.
  • Perform risk, statistical, commercial, supervisory, and marketing analysis.

When processing involves data subjects located in the European Union, the purposes described will rely on the legal bases established by the GDPR, including contractual execution, legal obligations, DIPER’s legitimate interest, and the data subject’s consent when required.

Data Subject Rights

Data subjects have the following rights regarding the processing of their Personal Data:

Inquiries:

  • Access Personal Data free of charge at least once per calendar month, and whenever there are substantial changes to this Privacy Policy.
  • Be informed about Personal Data processing.
  • Request proof of the authorization granted, unless exempt.

Claims:

  • Update and/or rectify Personal Data that is partial, inaccurate, incomplete, fragmented, or misleading.
  • Revoke authorization and/or request deletion of Personal Data, as long as no legal or contractual obligation requires retention.
  • Report non-compliance by DIPER or third parties regarding data processing.
  • File complaints before the Superintendence of Industry and Commerce for violations of Personal Data protection regulations.

Additional rights for EU data subjects (GDPR):

EU residents may also exercise the rights to data portability, restriction of processing, and objection when processing is based on DIPER’s legitimate interests.

Additional rights for residents of certain U.S. states:

Residents of states such as California, Colorado, Virginia, or Connecticut may exercise additional rights under local law, including requesting disclosure of collected information, deletion, limiting the use of sensitive information, and opting out of the sale or sharing of personal information.

Procedures for Exercising Data Subject Rights

Data subjects may exercise their rights according to the following procedures:

Filing Information

Through electronic communication to the email diper@diper.com, the data subject may contact the customer service area and submit inquiries or claims, providing:

  • Full name and identification.
  • Proof of the capacity in which they act (data subject or representative).
  • Contact information (address, email, phone).
  • Reason(s) for the inquiry or claim, briefly describing the right they wish to exercise.
  • Supporting documents they wish to include.

Procedure for Inquiries

The data subject, their successors, representatives, or attorneys may submit inquiries regarding their Personal Data (request proof of authorization, access Personal Data, or learn how it has been processed), following this procedure:

  • Upon submission, the request will be analyzed to verify the identity of the data subject. If submitted by someone else without proof of representation, it will be rejected.
  • All inquiries will be answered within 10 business days from the day after reception.
  • If it is not possible to respond within this period, the data subject will be informed of the delay, the reasons, and the date on which the inquiry will be resolved, which may not exceed an additional 5 business days.

Procedure for Claims

The data subject, their successors, representatives, or attorneys may submit claims regarding their Personal Data (correction, updating, deletion, or reporting non-compliance), following this procedure:

  • Upon submission, the request will be reviewed to verify the identity of the data subject. If submitted by someone else without proof of representation, it will be rejected.
  • If the claim is incomplete, DIPER will request the data subject to correct omissions within 5 days following the claim reception. If two months pass without response, the claim will be considered withdrawn.
  • If the receiving area is not competent, it will transfer the claim within 2 business days and inform the data subject.
  • The maximum response time is 15 business days from the day after reception. If an extension is necessary, the data subject will be informed, with the additional period not exceeding 8 business days.

Completion of Procedural Requirements

After the time periods have elapsed, if the data subject is denied the exercise of their rights, they may contact the Superintendence of Industry and Commerce.

EU data subjects may additionally file complaints with their local data protection authority.

Data Retention Policy

Personal Data will remain in the databases only for the time that is reasonable and necessary according to the purposes that justify its processing, unless a legal mandate, competent authority order, or contractual obligation requires continued processing. Personal Data will also be deleted at the request of the data subject, within 15 business days, extendable once by an additional 8 business days.

Cookie Policy

For the automatic collection of Personal Data, we use:

Cookies (browser cookies):

A cookie is a small file stored on a computer or mobile device. Unless the data subject has adjusted their browser or device settings to refuse cookies, cookies will be stored when our website is used.

Web beacons:

Our website and emails may contain small electronic files known as web beacons (also called clear GIFs, pixel tags, and single-pixel GIFs) that allow, for example, counting users who visit the website or open an email, and collecting statistics such as content popularity and system/server integrity verification.

Third-party cookies:

Our website may contain links to third-party sites using cookies, such as social media plug-ins (Facebook, Instagram, YouTube) or third parties that may collect Personal Data (e.g., Google Analytics).

Cookies can be blocked through browser or mobile device settings using the “help” option. However, blocking all cookies (including essential cookies) may limit access to some or all website features. Third-party cookie use may be managed by visiting the respective provider’s website or logging out of social media accounts.

In accordance with the above, DIPER will provide the necessary information to allow users to accept or reject cookies (necessary, preferences, statistics, marketing) individually or collectively.

Cookies, web beacons, and other monitoring technologies are used for the following purposes:

  • Proper website operation
  • Improving website content
  • Collecting data for commercial and marketing research
  • Establishing and storing preferences
  • Displaying ads on our site and on partner sites
  • Recognizing users when they return
  • Understanding website activity
  • Speeding up searches
  • Learning about consumption preferences regarding offered products
  • Analyzing visited pages, searches, improving promotional initiatives, showing advertising or banners
  • Enhancing content and articles, customizing presentation and services, and enforcing website rules and security

Security in the Processing of Personal Data

DIPER will implement technical, physical, and organizational security measures proportional to the sensitivity and volume of the Personal Data to be processed, in order to maintain the information secure and confidential. The processing of Personal Data will be carried out in accordance with the principles of the Personal Data Protection regime, including the restricted circulation of information, so that only DIPER personnel with functions related to the processing of Personal Data will have access to it.

Modifications and Validity

This Privacy Policy is effective as of December 3, 2025. This Policy may be modified by DIPER when required, as long as such modifications do not relate to the identity of DIPER or the purposes of the processing. Modifications related to the purposes of the processing must have the prior authorization of the data subject. When the change substantially affects the terms of the processing applicable to data subjects located in the European Union, DIPER will provide prior notice and offer the opportunity to accept or reject the new conditions when required by law.