Last Updated: July 11, 2026
Welcome to our website. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
Data We Collect
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:
Identity Data includes first name, last name, username or similar identifier.
Contact Data includes billing address, delivery address, email address, and telephone numbers.
Financial Data includes bank account and payment card details.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
Usage Data includes information about how you use our website, products, and services.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
How We Use Your Personal Data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
Client Portal & Text Messaging
Cruz Gold and Associates offers current clients a secure online client portal at portal.cruzgoldlaw.com (the “Portal”). This section describes how we handle your information when you use the Portal and when we communicate with you by text message. It supplements the website policy above.
Information We Collect Through the Portal
- Account and case information: your name, phone number, email address, and details of your immigration case with our firm
- Documents: files you upload related to your case (identification, supporting evidence, forms)
- Messages: messages you exchange with our office through the Portal's secure messaging feature
- Preferences: your language selection (English or Spanish) and notification settings
- Sign-in data: login session tokens stored in your browser. The Portal has no passwords — you sign in with a one-time code sent to your phone. We do not use advertising cookies or cross-site tracking on the Portal.
Text Message (SMS) Communications
By providing your mobile phone number to our office and using the Portal, you consent to receive text messages from Cruz Gold and Associates, including:
- One-time login codes when you sign in to the Portal (sent only when you request them)
- Case notifications such as case status updates, new messages from our office, and payment confirmations
Message frequency varies with case activity. Message and data rates may apply. You may opt out of notification text messages at any time by replying STOP to any message, or by adjusting your notification preferences in the Portal's profile settings. Reply HELP or call (609) 924-8500 for assistance. Opting out of notifications does not affect one-time login codes, which are sent only when you request them to sign in.
We do not send marketing or promotional text messages. Your mobile number and your consent to receive text messages are never sold or shared with third parties for marketing purposes.
Service Providers
When you use the Portal, we share information only with the following service providers, strictly for the purposes described:
| Service Provider | Information Shared | Purpose |
|---|---|---|
| LawPay (AffiniPay) | Payment amount, invoice reference, name, email | Processing credit/debit card and eCheck payments |
| Microsoft (SharePoint / Microsoft 365) | Case documents, file names, email content | Secure storage of case documents and delivery of email notifications |
| Docketwise | Name, phone, email, case details | Immigration case management and questionnaires |
| BoldSign | Name, email, retainer agreement PDF | Electronic signature collection |
| Twilio | Mobile phone number, text message content | Delivering login codes and notification text messages |
| USCIS | Receipt numbers | Checking the status of filed applications |
Payment card and bank account details are collected and processed directly by LawPay's PCI-compliant systems — we never see or store them.
Security and Retention
- All data transmitted between your browser and our servers is encrypted (HTTPS/TLS), and login sessions expire automatically after 24 hours
- One-time login codes expire within 5 minutes of issuance
- Case records, documents, and Portal messages are retained for the duration of the attorney-client relationship and for a minimum of 5 years after case closure, as required by professional responsibility rules
Your Choices
You can manage notification categories (case status updates, document requests, payment reminders, and questionnaires) in the Portal's profile settings, or stop notification text messages entirely by replying STOP. To request access to, correction of, or deletion of your personal information, contact us at [email protected] or (609) 924-8500. We may be required to retain certain records under applicable legal and professional obligations. The Portal is intended for clients aged 18 and over.