2026 . Q2 BRIEFING
BOGOTA . MIAMIES/ENVISION . PRECISION . EXECUTION
Last updated: May 8, 2026

Privacy Policy and Personal Data Treatment

LIFE INVESTMENT CONSULTING LLC (LIFE·IN·CO), a United States entity with operating presence in Latin America, protects your personal data under a multi-jurisdictional framework combining US legislation (FTC Act, CCPA, CalOPPA, COPPA), Colombian Ley 1581 of 2012 and Decreto 1377 of 2013, and the European GDPR. This policy explains what data we collect, why, how we protect it, and what rights you have.

1. Identity of the data controller

The data controller of personal data is LIFE INVESTMENT CONSULTING LLC (hereinafter, “LIFE·IN·CO” or “we”), a limited liability company organized under the laws of the State of Florida, United States of America, with operating presence in Bogotá D.C., Colombia.

  • Legal name: Life Investment Consulting LLC
  • Entity type: Limited Liability Company (LLC) · Florida, USA
  • EIN (Employer Identification Number): 36-5170170
  • Member / Representative: Juan Pablo Bernal Villamizar
  • Registered address: 25 SW 9th St Ste 406, Miami, FL 33130, USA
  • Operating presence in Latin America: Bogotá D.C., Colombia
  • Email: jp.bernal@lifeinco.co
  • Phone / WhatsApp: +1 (786) 887-5192
  • Website: https://lifeinco.co

2. Applicable legal framework

Because Life Investment Consulting LLC operates from the United States but serves Latin American and global markets, this policy simultaneously observes the following regulatory frameworks:

  • United States (entity primary jurisdiction): Federal Trade Commission Act (15 U.S.C. § 41-58), Children's Online Privacy Protection Act (COPPA · 15 U.S.C. § 6501-6506), California Consumer Privacy Act (CCPA · Cal. Civ. Code § 1798.100 et seq.) when applicable to California residents, and California Online Privacy Protection Act (CalOPPA).
  • Colombia (voluntary commitment for Colombian visitors and clients): Ley 1581 of 2012, “General provisions for the protection of personal data”; Decreto 1377 of 2013, partial regulation of Ley 1581; Ley 1480 of 2011, Consumer Statute (where applicable); and External Circular 002 of 2024 and subsequent issuances of the Superintendence of Industry and Commerce (SIC).
  • European Union: General Data Protection Regulation (GDPR · Regulation EU 2016/679) for visitors from the European Economic Area.
  • United Kingdom: UK GDPR and Data Protection Act 2018 for UK visitors.

Although the legal entity is American, we voluntarily commit to compliance with Colombian Ley 1581 and the European GDPR as an ethical and commercial commitment to our visitors and clients in those jurisdictions. In case of conflict between frameworks, we will apply the one offering greater protection to the data subject.

3. Personal data we collect

We collect the following categories of personal data:

  • Contact data you voluntarily provide: name, email address, phone number (when provided), company name, role, industry, revenue range, and the content of your messages through the contact form, Calendly or WhatsApp.
  • Browsing-derived data: IP address, browser type, operating system, pages visited, date and time of access, referrer site and session duration. This data is collected through cookies (see section 9 and the Cookie Policy).
  • Data derived from specific interactions: meeting bookings (Calendly), WhatsApp Business messages, and any data you voluntarily share during those interactions.

We do NOT collect sensitive data as defined in article 5 of Ley 1581 (data revealing racial or ethnic origin, political orientation, religious or philosophical convictions, union membership, social organization or human rights membership, biometric data, health data, sexual life or orientation). If you accidentally provide sensitive data, we will not use it and will delete it immediately upon detection.

We do NOT intentionally collect data from minors. Our services target companies and persons over 18 years old. If you are aware that a minor has provided data to us, write to jp.bernal@lifeinco.co and we will delete it immediately.

4. Purposes of processing

We process your personal data only for the following specific purposes:

  • Respond to your inquiries and requests: reply to messages you send through our website, Calendly, WhatsApp or email.
  • Qualify commercial leads: assess whether our services are appropriate for your situation, in which case we will contact you for an initial no-commitment conversation.
  • Execute professional engagements: if we decide to work with you, manage the contractual relationship, communicate progress, and fulfill our contractual obligations.
  • Comply with legal and regulatory obligations: including invoicing, accounting, response to authority requirements, and compliance with Colombian labor and tax obligations.
  • Improve the website and services: aggregated and anonymized statistical analysis of site usage to improve content and experience (when you consent to analytics cookies).
  • Editorial and commercial communications (optional · only with separate explicit consent): sending of editorial articles, downloadable resources and notifications about new content. This purpose requires separate authorization that you can grant or revoke at any time.

We do NOT use your data to: sell, rent or transfer your data to third parties for commercial purposes; aggressive profiling or invasive advertising; make automated decisions that produce legal effects on you.

5. Data subject authorization

Pursuant to article 9 of Ley 1581, processing your personal data requires your prior, express and informed authorization. You grant this authorization through one of these actions:

  • Explicitly checking the policy acceptance box when submitting the contact form.
  • Booking a meeting through Calendly (the booking confirmation implies acceptance of this policy).
  • Sending us a message through WhatsApp or email (with knowledge of this policy accessible from the site footer).
  • Accepting cookies in the corresponding banner.

Your authorization is free, specific, informed and unequivocal. You have the right to revoke authorization at any time (see section 7).

6. Rights of the data subject

As the owner of your personal data, under article 8 of Ley 1581 you have the following rights:

  • Know: what data we process and for what purposes.
  • Access: obtain a copy of your data at any time, free of charge.
  • Update and rectify: request correction of inaccurate, incomplete or outdated data.
  • Request proof of authorization: except when expressly waived as a requirement.
  • Be informed: about the use given to your data.
  • Revoke authorization and/or request deletion: when constitutional and legal principles, rights and guarantees are not respected. Revocation applies except when there is a legal or contractual duty for data retention.
  • File complaints with SIC: Superintendence of Industry and Commerce (Colombia's data protection authority).

7. Procedure to exercise your rights

To exercise any of the above rights:

  1. Send your request in writing to jp.bernal@lifeinco.co with subject “Habeas data · [type of request]”.
  2. Identify yourself: include your full name, identification number, address and contact details.
  3. Specify clearly which right you are exercising and what information you need (access, rectification, deletion, revocation).
  4. Attach identity document if the request requires it to verify your identity.

Response timeframes per Decreto 1377:

  • Inquiries and access requests: maximum 10 business days.
  • Update, rectification, deletion and revocation claims: maximum 15 business days.
  • If we cannot respond in these timeframes, we will inform you of the reasons and the date when we will respond (no more than 8 additional business days for inquiries, nor 8 additional business days for claims).

Person or area responsible for handling petitions, inquiries and claims about personal data: Juan Pablo Bernal, Founder and legal representative, contactable at jp.bernal@lifeinco.co.

8. Data retention period

We retain your personal data for the following periods:

  • Non-converted commercial leads: 24 months from the last contact, unless you request deletion earlier.
  • Active clients: for the duration of the contractual relationship and for 10 years after termination, in compliance with Colombian accounting, tax and commercial obligations.
  • Editorial communication subscribers: until you revoke authorization (at which point immediate deletion is performed).
  • Analytics cookie data: maximum 26 months, following industry standard practices.
  • Strictly necessary cookie data: during the active session or until you close the browser.

Once the applicable period is met, data is securely deleted, unless a legal rule requires longer retention.

9. Cookies and similar technologies

We use cookies and similar technologies on lifeinco.co. Cookies are small text files your browser stores to remember preferences and improve your experience.

We distinguish three categories:

  • Strictly necessary: required for the site to function (selected language, session, security). No consent required.
  • Functional: improve experience (remember preferences). Require consent.
  • Analytics: allow us to understand site usage in aggregated and anonymized form. Require consent.

You can review the full detail in our Cookie Policy and accept or reject optional categories in the cookie banner that appears on your first visit to the site.

10. International transfers and third parties

To deliver our services, we transfer your data to the following external providers, all committed to protection standards equivalent to Colombia's:

  • Vercel Inc. (United States): website hosting and content delivery. Vercel policy.
  • Formspree Inc. (United States): contact form processing. Formspree policy.
  • Calendly LLC (United States): meeting scheduling. Calendly policy.
  • Google LLC (United States): Google Workspace (jp.bernal@lifeinco.co email), Google Calendar (Calendly sync), Google Meet (video calls) and Google Search Console (site analytics). Google policy.
  • WhatsApp / Meta Platforms Inc. (United States): WhatsApp Business communication. WhatsApp policy.
  • Microsoft Corporation · Microsoft Clarity (United States): aggregated behavioral analytics (heatmaps, anonymized session recordings) only when you consent to analytics cookies. Clarity does NOT load if you decline optional cookies in the banner. Microsoft policy.
  • Cloudflare Inc. (United States): anti-bot protection via Turnstile and, once enabled, CDN/WAF layer. Cloudflare policy.

The United States is not considered by SIC a country with adequate level of data protection in all cases. However, listed providers comply with international standards (SOC 2, ISO 27001, GDPR, Privacy Shield Framework where applicable) and maintain contracts with standard protection clauses. Your authorization for this international transfer is understood as granted upon accepting this policy.

11. Data security

We implement reasonable technical, human and administrative measures to protect your data against unauthorized access, loss, alteration or disclosure. These measures include:

  • SSL/TLS encryption for all data in transit (lifeinco.co uses HTTPS).
  • HSTS (HTTP Strict Transport Security) enabled at server level.
  • Email authentication DKIM, SPF and DMARC on the lifeinco.co domain.
  • Data access restricted to authorized personnel under confidentiality duty.
  • Storage in providers with SOC 2 Type II certification or equivalent.
  • Periodic encrypted backups at rest.

Notwithstanding the above, no data transmission or storage system is 100% secure. In the event of detecting a security breach affecting personal data, we will notify you within the timeframes provided by law.

12. Validity and modifications

This policy has indefinite validity from May 8, 2026. We may update it when necessary to reflect changes in our practices, applicable legislation or services we provide.

When changes are material (affect processing purposes, data subject rights, international transfers or data categories), we will notify you:

  • Through visible notice on this page for at least 30 days.
  • By email to the address you have provided, if we have it.
  • Requesting a new explicit authorization when the modification warrants it.

13. Complaints to control authorities

If you consider that the processing of your data does not comply with applicable regulations, you may file a complaint with the competent authority depending on your jurisdiction:

United States (entity primary jurisdiction)

Colombia (visitors and clients in Colombia)

  • Superintendence of Industry and Commerce (SIC): www.sic.gov.co
  • Address: Carrera 13 No. 27-00, Bogotá D.C., Colombia
  • Email: contactenos@sic.gov.co

European Union

  • The data protection authority of your country of residence in the European Economic Area.

However, we invite you to contact us first at jp.bernal@lifeinco.co. We will resolve your request directly within legal timeframes and, in most cases, escalation to a control authority will not be necessary.

If you have questions about this policy, write to jp.bernal@lifeinco.co. This policy may be updated. We will notify material changes on this page and by email to those who have provided one.

Let's talk