IDENTITY AND ADDRESS OF THE CONTROLLER.

In accordance with the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties (Ley Federal de Protección de Datos Personales en Posesión de los Particulares) (the “Law”), its Regulations, the Privacy Notice Guidelines issued by the Ministry of Economy, and other applicable provisions (collectively, the “Guidelines”), we hereby inform you that Senko Legal, S.C. (the “Controller”), with registered address at Bosques de los Ciruelos No. 186, 12th Floor, Bosques de las Lomas, Zip Code 11700, Miguel Hidalgo, Mexico City, is responsible for the use and protection of your personal data, which will be processed in accordance with this Privacy Notice (the “Privacy Notice”).

PERSONAL DATA AND SENSITIVE PERSONAL DATA TO BE PROCESSED.

To fulfill the purposes described in this Privacy Notice, the following personal data will be collected from the individual contracting the services of Senko Legal, S.C.® (such individual, the “Data Subject”):

• Full name.
• Federal Taxpayer Registration (RFC).
• Tax Status Certificate.
• Unique Population Registry Code (CURP).
• Official identification (voter ID, passport, or driver’s license).
• Address and proof of address.
• Landline phone number.
• Mobile phone number.
• Email address.
• Occupation or professional activity.
• Marital status.
• Credit or debit card number.
• Financial or asset data.

Please note that the Controller does not process sensitive personal data such as racial or ethnic origin, current or future health status, genetic information, religious, philosophical or moral beliefs, union membership, political opinions, or sexual orientation.

PURPOSES OF DATA PROCESSING.

1. The collected personal data will be used for the following primary purposes, which are necessary for the services to be provided:

• To provide the legal services contracted by the Data Subject.
• To provide information about the services offered by the Controller.
• To contact the Data Subject through various communication channels (social media, data messages, text messages, WhatsApp, email, mobile and landline phone) regarding the contracting of services.
• To verify the accuracy, completeness, and current status of the Data Subject’s personal data and maintain updated records.
• To inform correspondents, advisors, partners, clients, employees, vendors, and service providers—including but not limited to notaries, public brokers, translators, and expert witnesses—of the information required for the proper provision of contracted services
• To issue invoices, where applicable.
• To comply with legal obligations and judicial or administrative requirements, including sharing information related to fraud or identity theft.
• To collect debts through judicial and extrajudicial means.

2. Additionally, the Data Subject’s personal information may be used for the following secondary purposes, which are not essential to the requested service, but help provide better service:

• To understand consumption habits in order to offer services that may be of interest to the Data Subject.
• To promote services through advertising and information.
• To share information related to events, services, marketing activities, statistics, satisfaction surveys, quality assessments, and related prospecting efforts.

Pursuant to Article 7 of the Law, your express consent is required for the processing of your financial and asset-related data. If you do not object to the processing of this data or to the purposes outlined above within five business days of receiving this Privacy Notice (as established in the Guidelines), it will be understood that you give your express consent through unequivocal means.

If you do not wish for your personal data to be processed for some or all secondary purposes, you may notify us at any time by sending an email to: info@senkolegal.com

Refusal to consent to the use of your personal data for these secondary purposes will not be a reason for us to deny the requested or contracted services.

The Controller is committed to maintaining strict security measures and will not use the collected data for purposes other than those stated in this Privacy Notice, except in the cases outlined in Article 36 of the Law.

TRANSFER OF PERSONAL DATA.

The Controller may transfer the Data Subject’s personal data to domestic or foreign entities without requiring their consent, for the following purposes:

• To affiliated companies, parent entities, or any company within the same corporate group, whether domestic or foreign, that operates under the same personal data protection policies.
• To banks or financial institutions to fulfill payment obligations.
• To service providers and business partners necessary for delivering the services offered by the Controller.
• To public entities, federal, state, or municipal authorities, commissions, institutes, or regulatory entities to comply with legal obligations, transparency requirements, anti-money laundering efforts, or to respond to judicial or administrative orders from competent authorities.

MEANS AND PROCEDURE FOR EXERCISING ARCO RIGHTS.

The Data Subject has the right to: (i) Know what personal data has been collected, how it is used, and under what conditions (Access); (ii) Request the correction of personal data that is inaccurate or incomplete (Rectification); (iii) Request the deletion of their personal data when it is not being used appropriately (Cancellation); and (iv) Object to the use of their personal data for specific purposes (Opposition). These rights are collectively referred to as ARCO Rights (the “ARCO Rights”).

To exercise any of the ARCO Rights, the Data Subject must send the corresponding request via email to:  info@senkolegal.com

The Data Subject may exercise their ARCO Rights at any time. The exercise of each of these rights is independent, meaning it is not necessary to exhaust one in order to exercise any of the others.

With respect to the procedure and requirements for exercising ARCO Rights, the Data Subject should take the following into consideration:

For further information, the Data Subject may contact: info@senkolegal.com

Contact details of the person in charge of processing ARCO requests:

The contact details of the person responsible for processing ARCO Rights requests are as follows:

• Name of the person or personal data department: Senko Legal, S.C.
• Address: Bosques de los Ciruelos, No. 186, 12th Floor, Bosques de las Lomas, Zip Code 11700, Miguel Hidalgo, Mexico City.
• Email: info@senkolegal.com

MEANS AND PROCEDURE TO REVOKE CONSENT.

The Data Subject may revoke consent previously granted for the processing of their personal data. However, in some cases, legal obligations may require continued processing of the data. In addition, revoking consent may result in the impossibility of continuing the legal relationship with the Controller.

To revoke consent, the Data Subject must send a request to: info@senkolegal.com

With respect to the procedure and requirements for the revocation of consent, the Data Subject should take the following into consideration:

OPTIONS AND MEANS TO LIMIT THE USE OR DISCLOSURE OF PERSONAL DATA.

The Data Subject may request to limit the use or disclosure of their personal data by sending an email to: info@senkolegal.com

With respect to the procedure and requirements for limiting the use or disclosure of personal data, the Data Subject should take the following into consideration:

If the request is valid, the Controller will include the Data Subject in an exclusion list.

USE OF COOKIES AND OTHER TRACKING TECHNOLOGIES.

The Controller uses cookies to improve website performance, monitor user behavior, and enhance the user’s browsing experience.

Cookies are small files stored on the user’s browser that allow the server to remember certain information for future use. This helps identify users and store their preferences for a better browsing experience.

The Data Subject may disable or adjust the use of cookies through the settings in their internet browser.

SECURITY MEASURES.

The Controller has adopted and maintains administrative, technical, and physical security measures to protect personal data against damage, loss, alteration, destruction, or unauthorized use, access, or processing.

CHANGES TO THE PRIVACY NOTICE.

The Controller reserves the right, at its sole discretion, to modify, update, or remove parts of this Privacy Notice at any time, due to new legal requirements, service improvements, privacy practices, business model changes, or for other reasons.

In such cases, changes will be published at: https://senkolegal.com/

CONTACT.

At any time, the Data Subject may request the latest version of this Privacy Notice by contacting: info@senkolegal.com

CONSENT.

By providing your personal data or interacting with our services, you are deemed to have given your consent to the processing of your personal data in accordance with the terms of this Privacy Notice.

Last updated: June 2025