Oropeza Law is the 'data controller' of your personal data and is subject to the EU General Data Protection Regulation (the "GDPR") with effect from 25 May 2018. Oropeza is a 'data controller' subject to the GDPR only insofar as we are offering goods or services to individuals in the EU or where our Site may be used to monitor individuals' behavior as far as it takes place in the EU. Nevertheless, this privacy notice is a general description of how we process Users’ personal data, regardless of where those Users are from.
We may amend this page from time to time. You should check this page periodically for any changes. This page was last updated on June 8th, 2018.
When you use the Site, we collect your personal data in the following ways:
We may collect the following types of personal data about Users of the Site:
We may also collect 'sensitive personal data', for example, information concerning health and medical conditions but only where Users volunteer this information in a message, form or email to us.
The legal grounds and purposes for processing Users’ information and how we use it
(i) We may process your personal data because it is necessary for our or a third party's legitimate interests. Our "legitimate interests" include our interests in operating our firm and the Site in a client focused, efficient and sustainable manner.
In this respect, we may use your personal data for the following:
(ii) We may also process your personal data for our compliance with our legal obligations. In this respect, we may use your personal data in order to assist with investigations (including criminal investigations) carried out by the police and other competent authorities, where those authorities are acting in compliance with EU law or the law of an EU Member State.
(iii) We may also process your personal data for additional reasons where:
For the purposes referred to in this privacy notice and relying on the bases for processing as set out above, we may share your personal data with certain third parties, including:
We will retain your personal data for as long as we are interacting with you via the Site, and for as long as permitted or required for legal and regulatory purposes after the last such interaction between you and us.
Subject to any other notices that we may provide to you, we will typically retain your personal data for a period of up to two years after our last interaction with you. However, some information may be retained for longer than this, for example where we need to retain it for the purposes of litigation.
This section is for Users located in Europe.
Under the GDPR, with effect from 25 May 2018, you have the following rights in relation to our processing of your personal data. Please note that these rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
Note: If you have given your consent and you wish to withdraw it, please contact firstname.lastname@example.org. Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of those services.
If you are not satisfied with how we are processing your personal data, you can make a complaint to a data protection supervisory authority in the EU, including the data protection regulator in the EU country where you or your organization is located.
If you have any queries about this privacy notice or how we process your personal data, or if you wish to exercise any of your rights under applicable law, you may contact us via email at email@example.com