PRIVACY POLICY AND DATA USE
LFG Consulting | Effective date: May 20, 2026
1. Introduction
At LFG Consulting (“LFG,” “we,” “us,” or “our”), we respect your privacy and are committed to protecting your personal data. This Privacy Policy describes how we collect, use, store, and protect the personal information you provide to us through our services, website, and any other point of contact.
This policy applies to all our clients, users, and contacts located in Mexico, Colombia, Argentina, Chile, Peru, Spain, other Spanish-speaking countries, and the United States. We are committed to complying with applicable data protection laws in each jurisdiction, including but not limited to:
• Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) – Mexico
• Law 1581 of 2012 and its regulatory decrees – Colombia
• Law 25.326 on Personal Data Protection – Argentina
• Law 19.628 on Protection of Private Life – Chile
• Law No. 29733 on Personal Data Protection – Peru
• General Data Protection Regulation (GDPR) – European Union (applicable to users in Spain and where otherwise required)
• California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) – California, U.S.A.
• Other applicable U.S. state and federal privacy laws
2. Data Controller
The entity responsible for processing your personal data is:
• Name: LFG Consulting
• Email: [email protected]
• Website: www.luisfernandoguerrero.com
For any inquiries, requests, or exercise of rights related to your personal data, please contact us through the channels listed above.
3. Personal Information Collected
3.1 Information you provide to us
We may collect the following personal data when you use our services or communicate with us:
• Identification data: full name, username, or alias.
• Contact details: email address, phone number, mailing address.
• Professional/employment information: company name, job title, industry.
• Billing and payment information: payment details required to engage our services (securely processed through certified payment providers).
• Communication content: messages, inquiries, form submissions, and any information you voluntarily provide.
3.2 Information we collect automatically
When you visit our website, we automatically collect:
• IP address and approximate geolocation data.
• Browser type, device, and operating system.
• Pages visited, time spent, and actions taken (web analytics data).
• Cookies and similar tracking technologies (see Section 10).
3.3 Information from third parties
In some cases, we may receive personal data from third parties, such as professional platforms (e.g., LinkedIn) or referrals from existing clients, always in compliance with applicable law.
4. Purposes of Processing and Legal Basis
We process your personal data for the following purposes and on the following legal bases:
Purpose | Legal basis | Retention
Delivery of contracted consulting services | Performance of contract | Contract duration + 5 years
Administrative and billing management | Performance of contract / Legal obligation | Per applicable tax law
Service-related communications | Legitimate interest / Consent | Until consent is withdrawn
Commercial communications and marketing (with prior consent) | Consent | Until unsubscribe or withdrawal
Market research and service improvement | Legitimate interest | 2 years
Compliance with legal and regulatory obligations | Legal obligation | Per applicable law
Web analytics and user experience improvement | Consent (cookies) / Legitimate interest | 13 months (cookies)
5. Sharing Data with Third Parties
We do not sell, rent, or transfer your personal data to third parties for their own commercial purposes.
We may share your data with third parties only in the following circumstances:
• Service providers (payment processors, email platforms, analytics tools, cloud services) acting as data processors under LFG’s instructions and subject to appropriate contractual safeguards.
• Legal obligation: when required by competent authorities or court order.
• Corporate transactions: in the event of a merger, acquisition, or business restructuring, with prior notice to you.
Where your data is transferred outside your country of residence, we will ensure that adequate safeguards are in place (standard contractual clauses, adequacy decisions, or other mechanisms recognized by applicable law).
6. Your Data Privacy Rights
You have the right to exercise the following rights with respect to your personal data:
• Access: know what personal data we hold about you.
• Rectification: request correction of inaccurate or incomplete data.
• Erasure (“right to be forgotten”): request deletion of your data when it is no longer necessary for the original purpose.
• Objection: object to the processing of your data for certain purposes, including direct marketing.
• Restriction of processing: request that we limit how we use your data in certain circumstances.
• Data portability: receive your data in a structured, commonly used, machine-readable format (where applicable).
• Withdrawal of consent: withdraw consent at any time without affecting the lawfulness of prior processing.
California residents (CCPA/CPRA) additionally have the right to:
• Know the categories and sources of personal information collected about them.
• Request deletion of their personal information.
• Opt out of the “sale” or “sharing” of personal information (LFG does not sell data).
• Correct inaccurate personal information.
• Limit the use and disclosure of sensitive personal information.
• Not be discriminated against for exercising their privacy rights.
To exercise any of these rights, please send your request to [email protected], including your full name, the right you wish to exercise, and, if possible, the specific data your request concerns. We will respond within the timeframes established by applicable law (generally within 30 calendar days).
7. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected and to satisfy applicable legal, tax, and contractual requirements. Once those periods have expired, data will be securely deleted or anonymized.
General retention guidelines:
• Active client data: for the duration of the business relationship and for 5 additional years thereafter.
• Accounting and tax records: as required by the tax laws of each applicable country (generally 5–10 years).
• Marketing data: until you withdraw consent or unsubscribe.
• Web analytics data: a maximum of 13 months.
8. Security and Confidentiality
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, misuse, disclosure, loss, alteration, or destruction. These measures include:
• Encryption of data in transit (TLS/SSL) and at rest.
• Role-based access controls (RBAC).
• Regular security reviews and audits.
• Confidentiality agreements with vendors and collaborators.
• Incident response plans for security breaches.
In the event of a security breach affecting your personal data that poses a risk to your rights and freedoms, we will notify you in accordance with the timelines and procedures required by applicable law.
No security system is completely infallible. If you suspect your data has been compromised, please contact us immediately.
9. Minors
Our services are not directed to individuals under the age of 18 (or the age of majority in their jurisdiction). We do not knowingly collect personal data from minors. If you become aware that a minor has provided us with personal data without parental or guardian consent, please contact us immediately so we can delete it.
10. Cookies and Similar Technologies
We use first-party and third-party cookies, as well as other tracking technologies (pixels, web beacons, etc.), to improve the user experience, analyze website traffic, and personalize content.
The types of cookies we use include:
• Strictly necessary cookies: essential for website functionality. No consent required.
• Analytics/performance cookies: help us understand how users interact with the site (e.g., Google Analytics or similar tools). Consent required.
• Functionality cookies: remember your language, region, and settings preferences. Consent required.
• Marketing/advertising cookies: used to display relevant content (where applicable). Consent required.
You can manage your cookie preferences through our website’s cookie banner or your browser settings. Disabling certain cookies may affect site functionality.
11. International Data Transfers
As LFG operates across multiple Spanish-speaking countries and the United States, your personal data may be transferred to and processed in countries other than your country of residence. In all cases, we ensure that such transfers are carried out with the appropriate safeguards required by applicable law, including standard contractual clauses approved by competent authorities.
12. Updates to This Policy
This Privacy Policy may be updated periodically to reflect changes in our practices, the services we offer, or applicable legal requirements. We will post the updated version on our website with the new effective date and notify registered users of significant changes by email or other appropriate means.
We encourage you to review this Policy periodically to stay informed.
13. Contact and Complaints
For any questions, requests, or complaints related to this Policy, please contact us:
• Email: [email protected]
• Website: www.luisfernandoguerrero.com
If you believe that the processing of your data does not comply with applicable regulations, you have the right to lodge a complaint with the relevant supervisory authority in your country: INAI (Mexico), SIC (Colombia), AAIP (Argentina), CNDH (Chile), APDP (Peru), AEPD (Spain), or the FTC / State Attorney General (U.S.).
© 2026 LFG Consulting · [email protected] · www.luisfernandoguerrero.com
