top of page

PRIVACY POLICY

Effective Date: 06/01/2024

Last Updated: 12/16/2025

 

EK Cornerstone Law PC (“EK Cornerstone Law,” “the Firm,” “we,” “us,” or “our”) is committed to safeguarding personal information and maintaining compliance with applicable privacy laws, professional ethics rules, and industry best practices. This Privacy Policy explains how we collect, use, disclose, transfer, store, and protect personal information in connection with our website(s), online services, legal services, events, communications, and other interactions (collectively, the “Services”).

 

This Policy applies to personal information we process about clients and prospective clients, website visitors, event participants, newsletter recipients, job applicants, business contacts, and any individual interacting with the Firm.

 

 

1. IMPORTANT NOTICE ABOUT LEGAL SERVICES AND CONFIDENTIALITY

 

Using our website, submitting an inquiry, or communicating with us does not create an attorney–client relationship.

Do not send confidential, sensitive, or privileged information unless we have formally confirmed representation in writing and completed all conflicts checks.

Communications received prior to formal engagement may not be confidential or privileged.

As a law firm, we are subject to state bar rules, including professional confidentiality obligations—these obligations attach only after an attorney–client relationship has been established.

 

 

2. PERSONAL INFORMATION WE COLLECT

 

We may collect personal information directly from you, automatically through your use of the Services, and from third parties.

 

A. Information You Provide

Depending on your interaction with us, we may collect:

  • Contact and identification details

  • Client and matter-related details

  • Immigration-specific information: passport numbers, government ID numbers, immigration history, visa adjudication records, dependent information, sponsorship information, prior filings, and data required for submission to USCIS, DOL, DOS, CBP, ICE, or other authorities

  • Employment or educational information

  • Event or marketing information

  • Billing and payment information (processed by third-party processors)

  • Any other information voluntarily submitted through forms or communications

 

 

B. Automatically Collected Information

We may collect:

  • IP address, browser, device type, OS, language settings

  • Usage data: pages viewed, links clicked, session duration, referring URLs

  • Approximate geolocation (from IP)

 

 

C. Information From Third Parties

We may receive information from:

  • Co-counsel, local counsel, experts, translators, credential evaluators, investigators

  • U.S. or foreign government authorities involved in immigration or other legal matters

  • Public databases (court filings, sanctions lists, registries)

  • Service providers supporting our operations

 

 

D. Sensitive Personal Information

 

In connection with legal services, we may process:

  • Immigration history

  • Government-issued identifiers

  • Criminal background data (if relevant to a matter)

  • Medical or vaccination information (for visa requirements)

  • Financial information

  • Demographic or nationality information

We apply enhanced safeguards to such information.

 

 

3. DATA MINIMIZATION

 

We collect only the personal information reasonably necessary to fulfill the purposes described in this Policy and required for legal or professional obligations. We do not collect information beyond what is needed for lawful and legitimate purposes.

 

 

4. HOW WE USE PERSONAL INFORMATION

 

A. To Provide Legal Services

 

Including:

  • Conflicts checks and client intake

  • Case evaluation, preparation, filings, and representation

  • Submissions to government agencies (including USCIS, DOL, DOS, CBP, ICE)

  • Communications with clients, agencies, opposing counsel, courts, or relevant entities

  • Billing, collections, and accounting

  • Risk management and compliance

  • Working with local counsel, translators, credential evaluators, and other authorized vendors

 

B. To Operate and Improve the Services

 

  • Website functionality

  • Security and fraud prevention

  • Analytics and performance improvement

 

C. Marketing and Events

 

  • Newsletters, alerts, legal updates

  • Invitations to events and seminars

  • Surveys and feedback (You may opt out at any time.)

 

D. Legal and Compliance Obligations

 

Including:

  • AML/KYC, sanctions screening

  • Regulatory and ethical recordkeeping

  • Preventing or responding to fraud, security incidents, or misuse

 

 

5. LEGAL BASIS FOR PROCESSING (WHERE REQUIRED)

 

Where required by laws such as GDPR, we rely on:

  • Performance of a contract

  • Legal obligations

  • Legitimate interests (security, operations, fraud prevention, communication)

  • Consent (for certain marketing or cookie activities)

 

 

6. HOW WE DISCLOSE PERSONAL INFORMATION

 

We do not sell or rent personal information.

We may disclose information:

 

A. In the Course of Legal Services

 

  • Co-counsel, local counsel, and experts

  • Translators, credential evaluators, medical exam providers, courier services

  • Government agencies (USCIS, DOL, DOS, CBP, ICE, consular posts)

  • Opposing parties, regulators, and courts

 

 

B. To Service Providers

 

Including:

  • Secure document portals or upload systems

  • IT hosting, cloud storage

  • Email, CRM, marketing support

  • Website analytics and security vendors

  • Payment processors (Service providers are bound by confidentiality agreements.)

 

C. Compliance and Protection

 

As required by law or necessary to protect rights, security, or property.

 

D. Business or Partnership Changes

 

In connection with a merger, reorganization, partnership change, or asset transfer.

 

 

7. INTERNATIONAL DATA TRANSFERS

 

We may transfer personal information to:

  • The United States

  • Countries where local counsel or service providers operate

  • Countries where immigration filings occur

 

We use appropriate safeguards, including Standard Contractual Clauses, cross-border agreements, and vendor security measures where required.

 

 

8. YOUR RIGHTS AND CHOICES

 

Depending on jurisdiction, you may have rights to:

  • Access personal information

  • Request correction

  • Request deletion (subject to Section 9)

  • Restrict or object to processing

  • Withdraw consent

  • Data portability

  • Opt out of marketing communications

 

California (CCPA/CPRA) Rights Include:

  • Right to know

  • Right to delete

  • Right to correct

  • Right to opt out of “selling” or “sharing” (we do neither)

  • Right to limit sensitive data use

  • Right to non-discrimination

  • Global Privacy Control (GPC) honored where required

 

We do not use sensitive personal information for purposes beyond those permitted by law.

Requests may require identity verification.

 

 

9. PROFESSIONAL OBLIGATIONS & FILE RETENTION

 

Data deletion or modification requests may not be honored where retention is required by:

  • State bar ethical rules

  • Client file preservation requirements

  • IRS, DOL, DHS, or DOJ audit rules

  • Litigation hold obligations

  • Legal, regulatory, tax, or accounting requirements

 

Client matter files are generally retained for a period consistent with applicable state bar rules and the Firm’s internal retention policies.

 

 

10. COOKIES

 

We use cookies and similar technologies to operate, secure, and improve the Services.

Categories:

  • Strictly necessary

  • Performance/analytics

  • Functional

  • Marketing (not used for targeted advertising unless stated)

  • Third-party cookies

 

You may manage cookies via browser settings or consent tools.

We honor Global Privacy Control (GPC) signals where legally required.

11. SECURITY

 

We maintain administrative, technical, and physical safeguards including:

  • Access controls and least-privilege policies

  • Encryption in transit and at rest (where appropriate)

  • Network monitoring and incident response

  • Vendor security due diligence

  • Confidentiality agreements and staff training

 

No method of transmission is perfectly secure.

If you choose to communicate via email or web forms, you do so at your own risk until representation is formally established.

 

 

12. DATA BREACH NOTIFICATION

 

If a data breach occurs involving personal information, we will take appropriate steps as required by applicable law and professional ethical obligations, which may include notifying affected individuals or authorities.

 

 

13. CHILDREN'S PRIVACY

 

Our Services are not directed to individuals under age 16, and we do not knowingly collect personal information from minors.

 

 

14. THIRD-PARTY WEBSITES

 

Links on our website may direct you to third-party websites.

We are not responsible for their privacy practices.

Review their policies before providing information.

 

 

15. CHANGES TO THIS PRIVACY POLICY

 

We may update this Policy to reflect changes in law, practice, or technology.

An updated “Last Updated” date will be posted.

Continued use of the Services indicates acceptance of the updated Policy where legally permissible.

 

 

16. CONTACT US

 

To ask questions or exercise your rights:

 

Email: info@ekcornerstonelaw.com

Phone: +1-714-440-4407

Address: 6 Centerpointe Dr. Ste. 700

              La Palma, CA 90623

bottom of page