Privacy Policy

Last Updated: February 1, 2026

1. Introduction & Scope

This Privacy Policy explains how ParaguaySimply.com (“we”, “us”, “our”) collects, uses, stores, and protects personal data in connection with our website, communication channels, and service-related interactions.

This policy applies to:

  • visitors of our website,
  • individuals who contact us via forms, email, or messaging platforms,
  • prospective and existing clients engaging with our services.

This Privacy Policy primarily covers data collected during the pre-contractual and informational phase, including website interactions, initial communication, and onboarding inquiries.

Certain services we provide (such as immigration or relocation assistance) may require the processing of additional personal documents at later stages. These cases are governed by separate contractual agreements, confidentiality undertakings, or service-specific documentation, which supplement this Privacy Policy.

We process personal data in accordance with generally accepted data protection principles applied in the European Union, the United States, Canada, and comparable jurisdictions, including transparency, purpose limitation, data minimization, and reasonable security safeguards.

2. Data Controller & Privacy Contact

The controller responsible for the processing of personal data under this Privacy Policy is:

Jakub Štefanec, operating under the brand ParaguaySimply.com
Registered business identification (RUC): 9327841-1
Country of registration: Paraguay
Website: https://paraguaysimply.com

For matters related to personal data protection, privacy rights, or data handling inquiries, we have designated a Privacy Coordinator.

Privacy Contact Email: privacy@paraguaysimply.com

The Privacy Coordinator is responsible for overseeing data protection practices, handling data access or deletion requests, and responding to privacy-related inquiries in accordance with applicable data protection principles.

3. Categories of Personal Data We Collect

Depending on how you interact with us, we may collect and process the following categories of personal data:

  1. a) Identification & Contact Information
     Such as name, email address, phone number, country of residence, and other details voluntarily provided when contacting us or submitting an inquiry.
  2. b) Communication Data
     Information contained in messages sent to us via contact forms, email, messaging platforms, or other communication channels.
  3. c) Website & Technical Data
     Limited technical information such as IP address, browser type, device information, pages visited, and interaction data collected through cookies, analytics tools, or similar technologies.
  4. d) Service-Related Information (Pre-Contractual)
     General information voluntarily provided to assess service eligibility or respond to inquiries (for example, residency goals, timelines, or high-level background details), without requiring formal documentation at this stage.

We do not request or collect official identity documents, legal certificates, or sensitive personal records through the public website or initial contact forms.

Any processing of official documents or legally sensitive materials occurs only at later stages of the service, subject to separate contractual arrangements and confidentiality safeguards.

4. How We Use Personal Data

We use personal data strictly for defined and legitimate purposes, limited to what is necessary to operate our website, communicate with users, and provide or evaluate our services.

Personal data may be used for the following purposes:

  1. a) Communication & Inquiries
     To respond to messages, questions, or requests submitted via our website or communication channels.
  2. b) Service Evaluation & Pre-Contractual Assessment
     To assess general eligibility, timelines, and suitability for our services based on information voluntarily provided during initial communication.
  3. c) Service Delivery & Administration
     Where applicable, to perform contractual obligations, coordinate service-related steps, and maintain operational records once a service relationship exists.
  4. d) Website Operation & Analytics
     To operate, maintain, and improve our website, including basic analytics, performance monitoring, and security.
  5. e) Legal, Security & Compliance Purposes
     To comply with applicable legal obligations, prevent misuse or abuse of our services, and protect our legitimate business interests.

We do not sell, rent, or trade personal data.
 We do not use personal data for profiling or automated decision-making related to legal, immigration, or tax outcomes.

Marketing communications are sent only where permitted by law or based on user consent, and users may opt out at any time.

5. Website & Marketing Data

When you visit our website, we may collect limited information related to website usage and performance through cookies, analytics tools, and similar technologies.

  1. a) Cookies & Similar Technologies
     We use essential and limited non-essential cookies to ensure proper website functionality, basic analytics, and security. You may control or disable cookies through your browser settings. Disabling cookies may affect certain website features.
  2. b) Analytics & Performance Monitoring
     We use analytics tools to understand how visitors interact with our website, such as pages visited, general location (country-level), device type, and referral sources. This data is used in aggregated form to improve website performance and user experience.
  3. c) Advertising & Conversion Measurement
     We may use advertising platforms and conversion measurement tools (including hashed or encrypted identifiers such as email addresses) to evaluate the effectiveness of our marketing campaigns.

Such data is:

  • used solely for conversion attribution and performance measurement,
  • not used for individual profiling,
  • not combined with sensitive personal or service-related data.

Official documents, legal records, or service-related materials are never used for advertising, analytics, or marketing purposes.

Users may opt out of non-essential cookies or marketing-related tracking where required by applicable law.

6. Additional Documents Processed Outside the Website

Certain services we provide may require the processing of official identity or legal documents at later stages of the engagement. These documents are not collected through the public website or contact forms.

When required, such documents may be exchanged through secure, encrypted communication channels and handled outside the website environment.

Official documents and legally sensitive materials:

  • are not stored on the public website or its servers,
  • are accessible only to authorized individuals involved in service execution,
  • are processed solely for the purpose of delivering the requested services.

These documents are stored in secured environments with restricted access and are retained only for as long as necessary to complete the relevant service or to meet applicable legal or regulatory requirements.

Upon completion of the service, or upon a valid request where legally permissible, such documents are securely deleted, and confirmation of deletion may be provided upon request.

7. Legal Basis for Processing

We process personal data only where a valid legal basis exists, in accordance with generally recognized data protection frameworks applied in the European Union, the United States, Canada, and comparable jurisdictions.

Depending on the context, personal data may be processed on one or more of the following legal bases:

  1. a) Consent
     Where you voluntarily provide information or explicitly consent to specific processing activities, such as submitting inquiries or subscribing to communications.
  2. b) Pre-Contractual Necessity
     Where processing is necessary to evaluate service eligibility, respond to requests, or take steps at your request prior to entering into a service agreement.
  3. c) Contractual Performance
     Where processing is required to perform services agreed upon with you, including service administration and coordination.
  4. d) Legal Obligation
     Where processing is necessary to comply with applicable legal or regulatory requirements.
  5. e) Legitimate Interests
     Where processing is necessary for our legitimate business interests, such as ensuring service security, preventing misuse, and maintaining operational integrity, provided such interests are not overridden by your rights and freedoms.

Where required by applicable law, you may withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

8. International Data Transfers & Jurisdiction

As a remote coordination service based in Paraguay, personal data may be processed outside your country of residence (including transfers between the EU, US, Canada, and Paraguay).

  • Safeguards: Where data originates from the EU/EEA, we apply principles consistent with Standard Contractual Clauses (SCCs) to ensure protection.
  • Purpose: Transfers are strictly for service delivery (coordination with local authorities).
  • Structure: Paraguay Simply operates as a remote coordination service. Data transfers do not imply a permanent establishment for tax purposes in the client’s jurisdiction.

9. Data Retention & Deletion

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or resolve disputes. Specifically:

  • Orders and Service Records: Retained for the duration of the contract plus any legally required retention period.
  • Marketing Data: Stored until you withdraw consent.
  • Contact Requests and Inquiries: Kept until the matter is resolved, after which data is securely deleted or anonymized.

When data is no longer needed, we ensure it is deleted from active systems and anonymized where possible. We implement processes to permanently remove personal information from backups and archives in accordance with applicable Paraguayan law and international privacy standards.

10. Data Security Measures

Paraguay Simply applies industry-standard security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction:

  • Encrypted Communication: All data transmitted through our website or email is protected using SSL/TLS encryption.
  • Secure Storage: Personal data is stored on secure servers with controlled access.
  • Access Control: Only authorized personnel with legitimate business need can access personal data.
  • Regular Security Monitoring: Systems are regularly updated, patched, and monitored for potential vulnerabilities.
  • Incident Response: In the unlikely event of a data breach, we will promptly notify affected individuals and authorities in accordance with applicable law.

These measures are reviewed periodically to ensure compliance with evolving security best practices and relevant legal requirements.

11. User Rights (EU, US, Canada aligned)

You have the following rights regarding your personal data, depending on your location:

  • Access & Portability: Request a copy of your personal data in a structured, machine-readable format.
  • Correction: Request that inaccurate or incomplete data be updated.
  • Deletion: Request erasure of your personal data where applicable (“Right to be forgotten”).
  • Restriction & Objection: Limit processing or object to it for marketing or legitimate interest purposes.
  • Consent Withdrawal: Withdraw consent at any time without affecting the lawfulness of prior processing.
  • Complaints: Lodge a complaint with your local data protection authority if you believe your rights were violated.

To exercise any of these rights, contact us at privacy@paraguaysimply.com. We will respond in accordance with applicable laws.

12. Children’s Privacy

Our services and website are not directed at children under 13 (EU, US) or under 16 (Canada). We do not knowingly collect personal data from children.
If you believe we have inadvertently collected information from a child, please contact us at privacy@paraguaysimply.com, and we will promptly delete it. Parents or guardians may exercise all applicable rights on behalf of their children.

13. Third-Party Service Providers

We use trusted third-party providers to help operate our website, process payments, and deliver services, including:

  • Hosting & Infrastructure Providers (servers, cloud storage)
  • Analytics & Marketing (Google Analytics, Microsoft Clarity (minimal settings), Google Ads, Meta Pixel)
  • Professional Advisors (accountants, legal compliance consultants for Paraguayan law)

These providers process data only as necessary to deliver their services and are bound by confidentiality and data protection obligations. We do not sell your personal data to third parties.

14. Incident & Breach Notification

In the unlikely event of a data breach or security incident affecting your personal information, Paraguay Simply will take immediate steps to contain and mitigate the impact. We will promptly investigate the incident, implement corrective measures, and notify affected users as required by applicable law, including GDPR, CCPA, and Paraguayan regulations. Notifications will include the nature of the breach, the types of data involved, and guidance on steps users can take to protect themselves.

15. Changes to This Policy

Paraguay Simply may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or services offered. When updates occur, the revised policy will be posted on this page with a new “Last Updated” date. Significant changes affecting your rights or use of personal data will be communicated via email or website notice where appropriate. Continued use of our services after such updates constitutes acceptance of the revised policy.

Effective Date: February 1, 2026