PRIVACY NOTICE REGARDING THE HANDLING OF CUSTOMER PERSONAL DATA OF CASTAÑÓN-SOLORIO ABOGADOS, S.C. (hereinafter “CSA”)

In compliance with the provisions of the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations and other relative and applicable regulations, we inform the following:

RESPONSIBLE FOR PERSONAL DATA


CSA with address to hear and receive notifications at Socrates 128, Polanco II Section, Miguel Hidalgo, Mexico City, C.P. 11530, is responsible for the use and protection of personal data provided by the data subject.

PERSONAL DATA THAT WILL BE REQUESTED FROM THE DATA SUBJECT 

For the purposes indicated in this Privacy Notice, CSA may collect the following personal data, contact, property and/or financial data, such as: full name, official identification with photograph, as well as photograph upon entering the office facilities, through video surveillance and security cameras, address, proof of address, landline, cell phone, email, nationality, date and place of birth, marital status, Federal Taxpayer Registry (RFC or TAX ID), Unique Code of Population Registry (CURP), position, account number, economic activity and property information (list of assets and income), IP address, which together will be mentioned later as Personal Data.


• Personal data will be obtained in one of the following ways: (I) when the data subject provides it personally and directly, (ii) when CSA obtains it indirectly, (iii) when the data subject uses the website or the CSA online services and/or (iv) when obtained by CSA through sources permitted by law.

• For those people who have the contact status of any data subject, they are informed that CSA only requires their personal data corresponding to full name and photograph (official identification and photograph of the data subject when entering the CSA facilities through the cameras). video surveillance and security), position, landline telephone, cell phone, email, personal data of which the contacts are data subject in terms of this Privacy Notice.

• The holders who have provided CSA with the personal data of the beneficiaries or contacts must notify the latter holders of having provided their personal data to CSA and the content of this Privacy Notice, the above, regardless of the notification that CSA will make said persons holders of the Privacy Notice upon the first contact they have with the latter.

It is the responsibility of the person who owns the personal data to guarantee that the data provided personally or directly to CSA is true and complete, as well as to notify CSA of any modification to them to comply with the obligation to keep the information updated.

USE OF PERSONAL DATA COLLECTED

The personal data collected will be used exclusively for the purposes necessary to provide the service requested to CSA.

We inform you that on our website we use cookies and other technologies through which it is possible to monitor your behavior as an internet user, provide you with a better service and user experience when browsing our website. The personal data that we obtain from these technologies, as well as those collected personally, via email, telephone calls, are processed for the purposes detailed below:

1. To carry out the provision of the professional services that correspond to CSA.

2. For the fulfillment of the contracts that CSA sign with the holder.

3. For the identification of the data subject.

4. For the administration of services.

5. For the analysis of services.

6. To update the data of the data subject.

7. To contact the data subject in his capacity as beneficiary to comply with the services.

8. To integrate internal file and provide the requested services.

9. To respond to information requests about the requested services.

10. To evaluate quality of service.

11. For registration with a database for internal control.

Within the use that CSA will give to the data subject information such as (i) offering and promoting services, (ii) sending newsletters, invitations and information on services, as well as (iii) evaluating the quality of services, purposes that are not necessarily required to comply with the obligations derived from the legal relationship that CSA has with the data subject, therefore, in the event that the data subject does not agree that CSA uses their personal data for said purposes, they must express their opposition in accordance with the provisions of this Privacy Notice, since, if the data subject does not express their opposition, it will be understood that they grant their consent to CSA.

We inform you that we will share your personal data with our marketing agency companies, to evaluate the quality of our services through quality audits and market studies. These audit and marketing agencies will have the obligation to keep your data confidential, an obligation that will persist even after completing the requested service.

The use of your bank details will be used exclusively internally for the nature of the requested service, the purpose of which is to comply with the obligations of the legal relationship that unites us.

The personal data collected will be incorporated and processed in the personal data base managed by the Department of Personal Data Protection.

TEMPORALITY, REFERRALS AND TRANSFERS

The temporality of the handling of the personal data of the data subject will depend on the legal relationship that is entered into with CSA, as well as the obligations required by the legislation that is entered into with CSA, as well as the obligations required by current legislation. , the competent authorities in the image of the holder that is captured by the video surveillance cameras, said information is kept by CSA only for a period of 30 to 60 business days after the date on which it is obtained.

The information that is delivered to CSA will be safeguarded, conserved and protected by the latter in accordance with the provisions of current legislation and CSA’s information security policies to maintain the confidentiality of said information.

In accordance with the provisions of the applicable legislation, CSA will give access to the personal data of the data subject through referrals to those people who are in charge, such as service providers or business partners of CSA who have a relationship. legal relationship with the latter, who, because of said legal relationship, need to know the information and assume the commitment to maintain it under a strict order of confidentiality and security, also acknowledging knowing the terms and conditions of this Privacy Notice and committing to comply with them.

On the other hand, CSA sends the personal data of the data subject, such as their full name, to the building administration and security to provide and control access to CSA facilities.

If the protected personal data is required by an authority of any kind or must be delivered to the latter in accordance with current legislation, these data will be made available to you in strict compliance with the Law, a transfer that does not require consent. of the holder in accordance with article 37 of the LFPDPPP.

RIGHTS OF ACCESS, RECTIFICATION, CANCELLATION, OPPOSITION, REVOCATION AND LIMITATION OF PERSONAL DATA

Your consent will be express when you express your will verbally, in writing, by electronic, optical means, any other technology or by unequivocal signs. 

It will be understood that you tacitly consented to the processing of your personal data when you do not express your opposition through the procedure detailed below.

If you do not want your personal data to be transferred for any or all the stated purposes, you may express this to the email castañonsolorio@datospersonales.com. In this email you must send the following:

“I (name and surname), who prove my personality with the following attached documents_______, do not consent to my personal data being used for _________; Likewise, that they be transferred to _______ for the purposes_____________.”

The refusal to use your personal data for these purposes may not be a reason for us to deny you the services and products that you request or contract with us, unless they are essential to provide said service and comply with the obligations of the legal relationship that we have. unite

Regarding your personal data, you can exercise the rights of access, rectification, cancellation and opposition of personal data. These rights are known as ARCO rights, which consist of you having the right to know what personal data we have about you in our database, what we use it for and the conditions of use (Access). Likewise, request the correction of your data if it is outdated, inaccurate or incomplete (Rectification); You have the right to request that we delete it from our database when you consider that it is not being used in accordance with the principles and duties provided for in the applicable regulations (Cancellation); as well as oppose the use of your personal data for specific purposes (Opposition). These rights are known as ARCO rights.

To exercise ARCO rights, you must submit the respective request to the email address of the Department of Personal Data Protection castañonsolorio@datospersonales.com, or directly to the address located at Socrates 128, Polanco II Section, Miguel Hidalgo, Mexico City, C.P. 11530, from 10:00 in the morning to 2:00 in the afternoon and from 4:00 in the afternoon to 6:00 in the afternoon, Monday to Friday.   The request for access, rectification, cancellation or opposition must contain and accompany the following:

1. Name of the data subject and address and other means to communicate the response to your request.

2. Documents that prove the identity or, where applicable, the legal representation of the data subject.

3. The clear and precise description of the personal data with respect to which one seeks to exercise any of the ARCO rights, and 

4. Any other element or document that facilitates the location of personal data.

5. If your request involves rectification of personal data, in addition to what is indicated in the previous points, you must indicate the modifications to be made and provide the documentation that supports your request. 

Our Personal Data Protection Department will respond to the request within a maximum period of twenty days, counted from the date on which the request was received. If this is appropriate, it will become effective within fifteen days following the date on which we communicate the response. In the case of data access requests, delivery will proceed after accreditation of your identity or that of your legal representative. 

The deadlines previously mentioned may be extended only once for an equal period, when justified by the circumstances of CSA.

This privacy notice may be modified in compliance with new legal requirements; of our needs as a company; privacy practices; changes in our business model or other circumstances, therefore, we are committed to keeping you informed about such changes through the email or landline/cell phone number that you provide us.  

The procedure through which notifications about changes to the privacy notice will be carried out is as follows:  

1. No later than three days following the change to the privacy notice, the Personal Data Protection Department will contact you through the contact method you provided us.

2. We will explain the changes to the privacy notice in detail and we will send you the pdf of the modified privacy notice via email or through a telephone messaging application such as WhatsApp.

Last update (July 15, 2024).