PRIVACY NOTICE

At Migralaw SAPI de CV, we deeply value your privacy and trust. Therefore, we want to ensure that you know how we safeguard the integrity, privacy, and protection of your personal data. We will maintain the confidentiality of the information provided to you at all times and act in accordance with applicable national and international regulations regarding Personal Data.

Migralaw SAPI de CV, operating under the trade name “MIGRALAW,” will be used in this notice to refer to Migralaw SAPI de CV or its affiliated companies. We appreciate your interest in the website https://migralaw.mx/ and in this Privacy Notice, and we are at your disposal for any questions or comments you may have in this regard, through the contact information provided at the end of this document.

For MIGRALAW, the processing of your personal data is of utmost importance. We reiterate our commitment to your privacy and the right to informational self-determination.

As a client, employee, or supplier of any Migralaw company, you can be assured that your personal data will be protected. The security of your information is our priority, and we protect it through the use, implementation, and maintenance of high security measures.

By virtue of the above, this Privacy Notice is intended to inform you about the processing we will give to your personal data when it is collected, used, stored, transmitted, and/or transferred by Migralaw, in accordance with the provisions of the Federal Law on Protection of Personal Data Held by Private Parties (hereinafter the “Law”), its Regulations and Guidelines.

The Data Controller for your personal data will be each of the companies that are part of Migralaw that collect them to address a possible provision of services by you, within the provision of a service, employment contract or provision of services, and in general during the development of the respective contractual relationship, in accordance with the applicable provisions and the statutes of each of the companies that are part of Migralaw.

In compliance with the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations, and the Privacy Notice Guidelines published in the Official Gazette of the Federation on January 17, 2013, we bring to your attention this Privacy Notice.

CONTROLLER

The Personal Data Controller is Migralaw SAPI de CV, with address at Corporativo Antara I, 5th Floor, Ejército Nacional 843-B, Colonia Granada, Delegación Miguel Hidalgo, CP 11520, Mexico City.

PURPOSES FOR DATA PROCESSING

At Migralaw, we may request, obtain, store, and use your Personal Data for the following purposes:

At Migralaw, we value the privacy and security of your Personal Data. We use them for the following purposes:

Relationship with Users and Clients: To establish and maintain effective communication with you, offering updates, relevant information about changes in our services, and invitations to events related to our legal services.

Legal Compliance: To comply with our obligations under the laws and specific regulations that apply to our operation, such as the Federal Law on Protection of Personal Data Held by Private Parties and any other relevant legislation on legal services, including requirements from competent authorities.

Statistical Control and Service Improvement: To analyze the use of our services and adapt them to the needs of our clients, promoting continuous improvements.

Development of Personalized Legal Services: To adapt our legal services to your specific needs, ensuring the highest quality customer experience and attention.

Communications and Marketing: With your express consent, to send you information, magazines, and news on legal topics, as well as marketing and advertising communications that might be of interest to you.

Request Management: To manage and respond to any requests for information, services, complaints, or comments you make.

Development and Marketing: To use your data in the development and improvement of our products and services, inviting you to participate in non-profit activities, educational, social, and cultural projects.

Service Provision: To provide you with the complete requested service, obtaining the necessary information for this purpose.

Databases for Follow-up: To create and maintain databases that allow us to follow up on consultations, advisory services, and legal matters, ensuring that the information is updated for use when required by our clients.

Statistical, Marketing, and Commercial Purposes: To use your data in statistical analyses that allow us to improve our services and marketing communications, always respecting your preference and consent.

Additionally, we commit to:

Inform about the Rights of Data Subjects: You have the right to access, rectify, and cancel your personal data, as well as to oppose its use or revoke the consent you have given us for that purpose, through the means we expressly establish.

Transparent Data Transfers: If it becomes necessary to share your data with third parties or transfer them internationally, we will inform you beforehand of the details of these transfers, the reasons behind them, and the security measures applied.

Protect Your Information: We implement appropriate security measures to protect your personal data against unauthorized access, alteration, or loss.

Contact: If you have questions about the processing of your personal data or wish to exercise your rights, you can contact us through [contact method included].

COOKIES AND WEB BEACONS

Our website uses cookies, web beacons, and other technologies through which it is possible to monitor your behavior as an Internet user, provide you with better service and experience when browsing our website, as well as offer information and advertising based on your interests.

The personal data we obtain from these tracking technologies are as follows: browsing hours, browsing time on our site, sections consulted, and Internet pages visited prior to ours.

These technologies can be deactivated by following the procedures of the Internet browser you use.

HOW WE COLLECT PERSONAL DATA

At Migralaw, we obtain your Personal Data in the following ways:

Personally: We may obtain Personal Data through Migralaw staff, who will make the privacy notice available to you along with the request for information. Directly from the Data Subject: We use electronic, optical, sound, visual, or other technologies to obtain Personal Data. If data is obtained by telephone, you are informed that Migralaw makes the privacy notice available on the portal https://migralaw.mx/ so that the Data Subject has the necessary information for their own security. Migralaw will inform you of the means by which you can access the privacy notice, and prior to obtaining the data, you will be provided with the identity and address of Migralaw, as well as the purposes of data processing.

CONSENT FOR THE USE OF PERSONAL DATA

The processing of your Personal Data will always be subject to your express consent. You may express your consent verbally, electronically, optically, through any other technology, or through unequivocal signs. If you do not express any opposition after the Privacy Notice has been made available to you, it will be understood that you have given your tacit consent.

If you wish to oppose the processing of your Personal Data, you have a period of 5 days to do so. If no opposition is received within that period, it will be understood that you have given your consent.

It will not be necessary to obtain your consent in the following cases:

I. When the law so provides; II. When the data is available in public access sources; III. When the Personal Data is subject to a prior dissociation process; IV. When the purpose of the processing is the fulfillment of obligations arising from a legal relationship between you and Migralaw; V. In emergency situations that could potentially damage a person or their property; VI. When the Personal Data is essential for medical care, prevention, diagnosis, provision of health care, medical treatment, or management of health services, provided that you are not in a position to give your consent, in accordance with the provisions of the General Health Law and other applicable legal provisions, and such data processing is carried out by a person subject to professional secrecy or equivalent obligation; or VII. In the event that there is a resolution issued by a competent authority.

SERVICE INTEGRATION CLAUSE AND INFORMATION SECURITY

At MIGRALAW, we are committed to protecting and respecting your privacy. As part of this commitment, we integrate our services with associated companies that share our values of security and privacy. To ensure maximum protection of your personal information and sensitive data, we have established strict criteria for selecting these associated companies.

1. Selection of Associated Companies: We choose to work exclusively with companies that demonstrate robust and proven processes in information security. This includes, but is not limited to, the implementation of advanced digital security protocols, compliance with international data protection regulations such as GDPR, and the performance of periodic security audits.
2. Data Sharing: When combining our services with associated companies, we may share certain information necessary for the provision of the service. However, this sharing is always carried out under the strictest security standards, and only the data strictly necessary for the service in question is shared.
3. Security Commitment: Both MIGRALAW and our associated companies are committed to maintaining the security and integrity of your data. We implement physical, electronic, and administrative security measures to protect information against unauthorized access, alteration, disclosure, or destruction.
4. Transparency and Control: You have complete control over your personal data. You can access, correct, or request the deletion of your personal data at any time. Additionally, we provide clear and accessible information about how and why your data is used.
5. Updates and Changes: We reserve the right to modify this clause at any time to reflect changes in our privacy practices, in associations with other companies, or in applicable legislation. Any changes will be communicated in a timely manner through our official channels.

For any inquiry or concern related to this clause or our privacy practices, please do not hesitate to contact us at admin@migralaw.org.

PERSONAL DATA REQUESTED

Migralaw may request the following Personal Data:

Full name. Email address. Phone number. Preferences on topics you would be interested in receiving information and/or advertising about. Nationality. Date of birth. Place of residence. Phone and contact information. Name of your company. Employment information. Migralaw may conduct any investigations and actions it deems necessary to verify the accuracy of the information provided through third parties, organizations, or authorities.

We inform you that if we do not have this information, we will not be able to continue with the process of contracting the service you wish to acquire and fulfill the contractual obligations that both parties agree upon.

DATA STORAGE

Migralaw stores personal data for the time necessary to comply with the service for which they were collected and the purpose for which they were requested. The data is integrated into a file that is kept under our custody for a period of 5 years as long as future relationships are maintained for residence and naturalization processes. In brief processes that are not of long resolution time, the information will be deleted once the process is concluded.

In compliance with data protection regulations, Migralaw has implemented the necessary security measures to protect your personal data against loss, misuse, alteration, unauthorized access, or theft. We have additional technical, administrative, and physical measures to safeguard your data.

Despite our security measures, it is important to note that no Internet data transmission or electronic storage system is completely secure. Therefore, Migralaw commits to inform you immediately in the event of any security breach that may significantly affect your rights, so that you can take the necessary measures to protect your rights.

DATA PROTECTION

At Migralaw, we implement technical, administrative, and physical security measures to ensure the integrity of your personal data and prevent its damage, loss, alteration, destruction, unauthorized access, or misuse.

In the event of a security breach that significantly affects your property or moral rights, Migralaw will inform you immediately so that you can take the necessary measures to defend your rights, in accordance with the provisions of Article 20 of the law.

Both shareholders and administrators, directors, agents, employees, and service providers of Migralaw are committed to maintaining the confidentiality of your personal data even after ending the relationship with you. Unauthorized access to your personal data and its use for purposes other than those established in this Privacy Notice is prohibited.

ARCO RIGHTS

“Right of Access, Rectification, Cancellation, and Opposition.”

You have the right, at all times, to exercise your rights of access, rectification, cancellation, and opposition (ARCO rights) regarding the personal data that Migralaw has in its possession.

To exercise your ARCO rights, it is necessary to send a request that includes the following requirements:

(i) Your name, address, or email address to communicate the response to your request; (ii) Documents that prove your identity or, where appropriate, the legal representation of the person acting on your behalf; (iii) Clear and precise description of the personal data regarding which you wish to exercise any of the ARCO rights; (iv) Any other element or document that facilitates the location of personal data; (v) Clearly specify whether the request is for access, rectification, cancellation, or opposition; (vi) The reason for the request; and (vii) The modifications you wish to make in the case of a request for rectification of personal data.

You can send your request to Migralaw through the following means:

Email. Postal mail. In person at Migralaw offices. Through the website https://migralaw.mx/. Once Migralaw receives your request, we will inform you of the determination made within 20 (twenty) calendar days following the date of receipt. If the request is addressed, we will make the corresponding changes within 15 (fifteen) calendar days following the date of communication of the request.

We inform you that, in special cases, Migralaw may extend these deadlines when circumstances so require. In such a case, we will notify you of any extension through the same means used to make the request.

COLLECTION OF INFORMATION BY THIRD PARTIES

The portal https://migralaw.mx/ may contain links to other websites whose information practices may differ. If you visit other sites, it is your responsibility to consult their privacy policies. Migralaw is not responsible for the processing of personal data by websites other than https://migralaw.mx/.

NOTICE UPDATE

Migralaw reserves the right to modify this Privacy Notice to adapt it to legislative or jurisprudential developments as well as industry practices. In case of modification, Migralaw will announce the changes introduced with reasonable advance notice on the portal https://migralaw.mx/.

CONTACT

If you have any questions or suggestions, you can contact our Corporate Privacy Officer or our Personal Data Officer, specially designated to handle requests related to the processing of personal data.

Jesús Eduardo García Ríos Email: admin@migralaw.com Address: Corporativo Antara I, 5th Floor. Ejército Nacional 843-B, Colonia Granada, Delegación Miguel Hidalgo, CP 11520, CDMX, Mexico. Phone: (55) 4169 1400