Privacy Policy.

Last updated: 21 May 2026.

What this policy covers

This Privacy Policy describes how Carol Velasquez (“Carol,” “we,” or “us”) collects, uses, and safeguards personal information in connection with the website at velasquez.info and the professional services offered through it. It applies to website visitors, prospective clients who reach out by email, and engaged clients whose matters are handled under a signed engagement letter or statement of work.

Information we collect

The site is intentionally minimal. We do not run third-party advertising trackers and we do not embed social media pixels. The categories of information we may collect are limited to the following:

• Contact submissions. When you write to us through the contact form or by email, we receive your name, email address, and the contents of your message.
• Engagement information. Once a project begins, we receive the materials necessary to perform the work — typically documents, case references, and the contact details of the people involved.
• Billing information. We retain invoices, payment confirmations, and tax-relevant records (such as W-9 / 1099 information for U.S. clients).
• Server logs. Our hosting provider may log standard request information (IP address, user agent, timestamp) for security and reliability purposes. We do not use these logs for marketing.

How we use information

We use the information described above only to respond to inquiries, provide and improve the services you have requested, issue invoices, comply with tax and accounting obligations, and maintain the security of our systems. We do not sell personal information, and we do not use it for behavioral advertising.

Confidentiality of professional work

The materials that pass through our hands are often confidential or privileged. Carol observes the confidentiality standards expected by U.S. law firms and the equivalent professional duties in the jurisdictions where our clients practice. In particular:

• We defer to attorney-client privilege and work-product protections as instructed by retained counsel.
• We will sign reasonable non-disclosure agreements (NDAs) on request.
• We exchange sensitive documents over encrypted channels and store working files on protected systems.
• We do not discuss client matters publicly, in marketing materials, or with anyone outside the engagement.

Sharing with third parties

We do not share personal information with third parties for marketing purposes. We will share information with subprocessors only where necessary to deliver the agreed services — for example, a courier when a hard copy must be sent, or a payment processor when an invoice is settled — and only the minimum information required for that purpose. If a particular engagement requires more extensive subprocessor involvement, we will disclose that arrangement before the engagement begins.

International transfers

Our clients are located in the United States, the European Union, the United Kingdom, and Latin America. Information you provide may therefore be transferred to and processed in countries other than your own. Where the GDPR or the UK GDPR applies to a client or to data subjects whose data we receive, we rely on lawful transfer mechanisms (such as Standard Contractual Clauses) and we contract with subprocessors who offer equivalent safeguards.

Data retention

We retain information only as long as needed for the purposes described above. As a general matter:

• Engagement records, invoices, and tax-relevant documents are retained for seven (7) years to satisfy U.S. tax recordkeeping requirements.
• Case files and translations are retained according to the instructions of the attorney or client who engaged us; absent specific instructions, working files are deleted within a reasonable period after the matter closes.
• Unsolicited inquiries that do not lead to an engagement are deleted within twelve (12) months.

Your rights

You may request access to the personal information we hold about you, request that it be corrected, or request its deletion subject to our legal and contractual obligations. Residents of the European Economic Area and the United Kingdom additionally have the rights to restrict or object to processing, to data portability, and to lodge a complaint with a supervisory authority. California residents have analogous rights under the California Consumer Privacy Act. To exercise any of these rights, please email carol@velasquez.info.

Cookies

The site does not currently set advertising or analytics cookies. If a session cookie is used at any point, it is strictly necessary for the operation of the page (for example, to remember a language preference) and is not shared with third parties. If we ever introduce optional analytics, we will update this policy and offer a clear way to decline.

Children

The site and the services described on it are directed at law firms, executives, and corporate clients. They are not intended for children, and we do not knowingly collect information from anyone under the age of sixteen.

Updates to this policy

We may revise this policy from time to time to reflect changes in our practices or in the legal landscape. The “Last updated” date at the top of the page indicates when the most recent revision took effect. Material changes will be highlighted on this page before they apply to existing clients.

Contact

Questions about this policy, or about how your information is handled, are welcome at carol@velasquez.info. Please email for our registered business address and any postal correspondence.