SRipLaw, P.A.
1. Introduction
SRipLaw (“the Company”), committed to safeguarding privacy and ensuring individuals’ control over their personal data, outlines the following principles and procedures to protect data subjects’ rights and ensure responsible data handling.
2. Data Controller
The entity responsible for the collection, use, and processing of personal data is:
SRipLaw, P.A.21301 Powerline Road, Suite 100
Boca Raton, FL 33433
Website: https://sriplaw.com
Phone: 561.404.4350
Email: info@sriplaw.com
4. Data Collection and Storage
Most data processed under this policy is obtained through prior, express, and informed consent. However, in alignment with legal exceptions, SRipLaw may process data without prior authorization when permitted. All data is stored on servers managed by third-party providers.
Data may also be collected through authorized transfers, public records, social media platforms, the Company’s website, or cookies.
5. Sensitive Data and Information Concerning Minors
SRipLaw may process sensitive personal data strictly within legal boundaries and will avoid processing information about minors unless necessary and legally permitted. In such cases, only public data will be used or prior authorization will be obtained from the legal guardian.
The Company has adopted additional safeguards for sensitive data, including:
- No activity will be conditioned on providing sensitive or minor-related data.
- Prior, express, and informed consent is always required.
- Data on minors will only be used to promote family well-being and safety for clients, employees, or contractors, and only when legally authorized.
- All processing will uphold the best interest of the child, their fundamental rights, and their right to privacy and expression.
6. Purpose of Data Processing
To fulfill its business objectives and comply with legal and contractual obligations, SRipLaw maintains several databases based on its relationship with each data subject.
6.1 General Purposes for All Databases
- Communicate with data subjects.
- Comply with legal and contractual obligations.
- Execute the Company’s business purpose.
- Fulfill contractual agreements.
- Notify about organizational, commercial, or marketing-related changes or events.
- Manage tax, legal, commercial, corporate, and accounting records.
- Share or transfer data to SRipLaw affiliates, business partners, clients, or data processors, for operational or commercial needs, within policy limits.
- Respond to requests, complaints, or suggestions.
- Conduct statistical analysis.
- Perform background checks via public and private databases for legal compliance and risk mitigation.
- Evaluate financial, credit, or service-related behavior.
- Analyze risk associated with business relationships.
6.2 Purposes for Databases of Candidates, Employees, and Contractors
- Recruitment and hiring processes.
- Verify compliance with social security obligations.
- Share professional profiles or images for promotional or informational purposes via websites, social media, or other media.
- Conduct medical or occupational health assessments.
- Evaluate academic, professional, and job performance.
- Organize training or educational programs.
- Conduct background/reference checks.
- Execute disciplinary procedures and register sanctions.
- Share information with third parties for contract execution.
- Manage reputational and commercial risk.
- Comply with social security-related obligations.
- Manage sick leaves and disability cases.
- Control access to the Company’s facilities.
6.3 Purposes for Databases of Clients, Vendors, Partners, and Affiliates
- Verify compliance of contractual obligations.
- Establish and maintain commercial relationships.
7. Data Subject Rights
- Access, update, and correct personal data processed by SRipLaw.
- Request evidence of authorization, except in cases where consent is not legally required.
- Be informed about the use of their data.
- Submit complaints to relevant authorities for privacy violations.
- Revoke authorization and/or request data deletion if legal or constitutional principles are not respected.
- Access their personal data free of charge.
8. Procedure for Exercising Data Subject Rights
The SRipLaw Administrative Department is responsible for handling all data-related inquiries or complaints.
Requests must be submitted via email to info@sriplaw.com and should include a clear description of the facts and the request. Optional documentation and a contact number or email may also be provided.
8.1 Inquiries and Requests Regarding Personal Data
Responses to inquiries and requests will be issued within ten (10) business days. If additional time is needed, SRipLaw will notify the requestor within this timeframe and respond no later than five (5) additional business days.
8.2 Complaints, Revocation of Consent, and Data Deletion Requests
If a data subject requests correction, deletion, or revocation of their information, they may submit a complaint. Incomplete complaints will require correction within five (5) business days. If no response is received within two (2) months, the request will be considered withdrawn.
When SRipLaw is not the appropriate entity to handle the request, it will be forwarded to the correct party within two (2) business days, and the requestor will be notified.
Once a complete complaint is received, SRipLaw will annotate the database with a “pending complaint” note within two (2) business days, which will remain until the issue is resolved.
The Company will address the complaint within fifteen (15) business days. If a longer response time is necessary, the requestor will be informed, and a final response will be provided within eight (8) additional business days.
9. Effective Date
This Personal Data Processing and Protection Policy is effective as of .