Areas of practice

Data Protection

Our data protection group has developed a sophisticated practice on personal data and information in general.

Our experience includes the analysis of Mexican regulation for domestic and international clients who carry out activities such as the collection, treatment, use and transfer of personal data and personal sensitive data, to determine obligations related thereto including the use of tracking technologies such as cookies.

We counsel clients with the review and preparation of data privacy policies and data management guidelines for full compliance with Mexican law, as well as privacy notices in the activities where they require to do so, such as websites or other kind of service platform that includes data collection.

Our team, has developed expertise representing clients in administrative proceedings before administrative and judicial authorities, including the Mexican Transparency, Data Access, and Protection Institute (Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales – INAI).

The practice has developed expertise in:

  • General privacy compliance, related to both the private and public sectors.
  • Data Protection Related Agreements: including drafting and/or modifying authorizations to use personal data and data processing agreements and clauses.
  • Privacy notices, policies and programs: drafting and/or reviewing them and making them compliant with Mexican law.
  • Data transfers, including transfer agreements, analysis of the applicable requirements and implementations thereof.
  • Product and strategy analysis and advising.
  • Privacy due diligences.
  • Representing clients in administrative proceedings before administrative and judicial authorities.
  • Employee data protection
  • Marketing compliance analysis and strategies.
  • Fintech privacy issues.
  • Training.
  • Assisting clients in managing data subjects’ requests.
  • Legal assistance in data breaches and incident response.
Relevant matters: Data Protection
  • Google in the analysis of the feasibility of the products and services provided from a
    Mexican law perspective, including, among others, data protection matters.
  • Bradesco in the implementation of a broad strategy to integrate Ictineo into the group,
    including privacy and data protection issues.
  • Pomelo, a company that builds infrastructure and technology for financial services, in
    structuring their services in Mexico, including regulatory requirements, and drafting their services agreements, considering all the corporate, data and consumer protection,
    intellectual property and immigration and technology development matters.
  • Mexican multinational company based in Mexico City dedicated to the distribution of
    food and beverages in their intellectual property and information technology matters, as
    well as corporate issues.
  • An artificial intelligence platform specializing in emerging markets in certain of their day-
    to-day legal matters, including corporate, data privacy, employment, and commercial
Scroll to Top

Use our search function to find what you need on our website:

Please share your information to download the PDF