PRIVACY NOTICE

OROPEZA SERVICIOS JURÍDICOS, S.C. (hereinafter, the "Responsible Party"), domiciled at Corporativo Parque Reforma, Campos Elíseos 400-Floor 14, Office I, Lomas de Chapultepec, Miguel Hidalgo, 11550, Mexico City, Mexico, in compliance with the Federal Law for the Protection of Personal Data in Possession of Private Parties and its Regulations (hereinafter, the "Law"), makes this Privacy Notice available to you for the purpose of informing you about how your personal data is collected, used, disclosed and safeguarded, the "Law"), makes this Privacy Notice available to you, with the purpose of informing you about how your personal data is collected, used, disclosed and safeguarded, as well as to guarantee your privacy and the right to informational self-determination.

The Responsible will collect the following personal data: full name, address, date and place of birth, nationality, citizenship, data of your legal representatives or attorneys-in-fact, place of residence, email, telephone, cell phone, general contact and identification information, institution or company to which you belong, unique population registration code (CURP), federal taxpayer registry (RFC), foreign tax identification number or other tax information (such as tax status certificate) as well as the answers related to your identification contained in the KYC questionnaire and the banking information you provide to us (hereinafter, the "Personal Data"). This data will be used for the purposes detailed below:

Your Personal Data will be used for the following purposes:

  1. Provision of the legal services requested or contracted.
    b. Fulfillment of legal and fiscal obligations, such as the issuance of receipts, invoices, and any other documentation related to the provision of services.
    c. Communication of updates or relevant information regarding the contracted services.

  2. To comply with its obligations by virtue of a law, regulation, decree, rule, administrative provision, order, circular and other norms applicable to the Responsible Party.

  3. Provide information requested by competent authorities.

  4. Identity verification and background checks against national and international sanctions lists, in order to perform the commonly known background check screening process and activities related to compliance and due diligence.

These purposes are necessary in order to fulfill our legal and contractual obligations.

  1. Sensitive Personal Data:


In the event that the Controller needs to collect sensitive Personal Data (for example, financial or patrimonial data), it will require your express consent for the processing thereof, except in those cases in which the Law allows its processing without consent.

  1. ARCO Rights:

At any time, you may exercise your rights of access, rectification, cancellation or opposition ("ARCO Rights") with respect to your Personal Data. To do so, you must submit the corresponding request through the following means of contact:

The application must contain:

  • Full name and contact information (address or e-mail).

  • Documents proving your identity or the personality of your legal representative.

  • Clear description of the Personal Data with respect to which you are requesting to exercise any ARCO right. In case of a request for rectification, you must indicate the specific modifications and provide the documents supporting your request.

  1. Procedure for the exercise of ARCO Rights:


Once your request has been received, the Responsible will provide you with a response within 10 business days. In the event that the request is admissible, the requested right will be enforced within the following 15 business days. The information related to your request will be sent to you by e-mail or to the address indicated by you.

  1. Revocation of consent:


You have the right to revoke at any time the consent granted for the processing of your Personal Data, in whole or in part. It is important to note that, in some cases, the revocation of your consent may imply that we can no longer provide you with the requested services or the termination of our contractual relationship.

To revoke your consent, you must submit your request through the channels mentioned above, providing the same data and documentation required for the exercise of ARCO Rights. The Responsible Party will notify you of the resolution of your request within a maximum period of 10 business days.

  1. Safety measures

The Responsible has adopted the security levels of personal data protection legally required by law and the security measures are identical to those used by the Responsible to keep its own information. Likewise, due to the nature of the services provided by the Responsible, all information containing personal data is considered confidential.

  1. Consent 

If you do not agree with this Privacy Notice, you should refrain from providing your personal information, from using or requesting the services of the Responsible and from entering, browsing and/or using the functions and services of the Responsible's website. Your consent to the processing of your personal data in accordance with the terms herein provided shall be considered tacitly granted, understanding tacit consent when having made this Privacy Notice available to you, you do not express any opposition. Likewise, we will understand any delivery of information, as well as your access and use of our platforms and/or services, or participation in our forums and events as a manifestation of your consent and acceptance of this Privacy Notice.

Whenever required by law, with respect to certain types of personal data, the Controller shall take affirmative and affirmative steps to obtain your consent. Your consent to the processing of personal data in accordance with the terms provided herein shall be deemed expressly granted when any of the following events occur: (i) you sign at the face of a copy of this Privacy Notice, or (ii) by signing any contract, proposal for services or letter of commitment (letter contract) that refers to it, or (iii) you expressly state your agreement by checking a checkbox that we will enable on our pages or platforms (so that this requirement is clearly and unequivocally met), or (iv) any mechanism or procedure permitted by Law. By your acceptance (tacit or express, as applicable), you also consent to any transfer of personal information that may be made by the Controller in accordance with the terms of this Privacy Notice.

  1. Modifications to the Privacy Notice:

The Responsible reserves the right to modify or update this Privacy Notice at any time, due to changes in legal provisions, internal policies or needs arising from the services it offers. The modifications will be communicated in a timely manner by sending an email to the address you have provided us.

Privacy Notice updated as of May 14, 2025.