Privacy Policy

This Privacy Policy describes the privacy practices of LegalOn Technologies, Inc. (“LegalOn”, “we”, “us” or “our”) and how we handle personal information that we collect through our websites, including legalontech.com and review.legalontech.com, our Word add-in LegalOn Contract AI, or any of our other products or digital services that link to this Privacy Policy, including our website LegalOnTech.com (collectively, the “Services”), as well as through social media, our marketing activities, and other activities described in this Privacy Policy.

This Privacy Policy may not apply to all information that we process on behalf of our enterprise customers while providing the LegalOn platform to them. Our use of such information is governed by our agreements with those enterprise customers. If you have concerns regarding personal information that we process on behalf of an enterprise customer, for example if you are an employee of such an enterprise customer, please direct your concerns to that enterprise customer.

Our websites, products, and services are primarily designed for enterprise organizations and their representatives. We do not offer products or services for use by individuals for their personal, family, or household purposes. Accordingly, we treat all personal information we collect as pertaining to individuals in their capacities as enterprise organization representatives and not their individual capacities.

We may provide additional or supplemental privacy policies for specific products or services that we offer at the time we collect personal information or as otherwise notified to you.

Notice at Collection: Summary of Key Privacy Practices

We may provide additional or supplemental privacy policies for specific products or services that we offer at the time we collect personal information or as otherwise notified to you.

What information we collect.

Information you provide to us. You may provide personal information to us through the Services or otherwise.
Information from third-party sources. In some cases, we combine personal information we receive from you with personal information we obtain from other sources.
Automatic data collection. We, our service providers, and/or our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Services, our communications, and other online services.

Why we collect personal information.

Where the processing is necessary to administer our relationship with you, including where based on our contract with you or to take steps at your request prior to entering into a contract, such as creating and administering orders for you;
Where the processing is necessary for our legitimate interests and where our interests are not outweighed by your data protection rights, such as research and development purposes;
Where necessary to comply with a legal obligation; or
With your consent.

Retention of personal information.

Your personal information will be retained only for so long as reasonably necessary for the purposes set out above and consistent with our retention policies, considering criteria such as applicable rules on statute of limitations, legal requirements and the duration of your use of our website and receipt of our Services. In general, this retention will be at least for the duration of your customer relationship with us and a longer period as necessary for legal defense purposes or as required by tax and other applicable laws.

Sharing of personal information.

While we do not sell your personal information, we do share your information with third parties, such as companies providing services to us, and in some cases we share the categories of information listed above for targeted advertising purposes. California residents may opt out of “sharing” as defined under the California Consumer Privacy Act here.

Privacy Policy: Table of Contents

Our collection of personal information Why and how we use your personal information Deidentified or aggregated data How we share your personal information Notice for California residents Notice for residents of the EEA, UK, and Switzerland Retention of personal information Other privacy choices Other sites and services Security International data transfer Children Changes to this Privacy Policy How to contact us

Our collection of personal information

This section contains details on the personal information we collect and the sources from which we collect that personal information.

Information you provide to us. You may provide personal information to us through the Services or otherwise, such as:

Identifiers – such as your first and last name, IP address, email address, phone number, and postal address.
Professional or Employment-Related Information – such as your professional title and name of your employer.
Commercial information – such as information relating to your orders with us, including products and services purchased, obtained or considered.
Audio and visual information – such as audio recordings of calls with you where permitted by law, visual recordings if you visit our premises or if you agree that we may take your photograph or videotape you. You may also provide us your photo in connection with the Services (for example, for a profile picture).
Other data – that does not fit into the categories listed above. This category also includes information identified as Personal Information in California Civil Code Section 1798.80(e) that is not otherwise categorized, such as:

Profile data – such as the username and password that you may set to establish an online account with us and any other information that you add to your account profile.
Communications – that we exchange with you, including when you contact us with questions or feedback. When you contact us, we may also keep a record of your communication to better support you in the future.
Your signature – for example, if you sign a contract with us.
Marketing data – such as your preferences for receiving our marketing communications and details about your engagement with them.

You may provide other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third-party sources. In some cases, we combine personal information we receive from you with personal information we obtain from other sources, such as:

Public and private sources – such as government agencies, public records, social media platforms, and other publicly or privately available sources.
Data providers – such as information services and data licensors.
Our affiliate partners – such as our affiliate network provider and publishers, influencers, and promoters who participate in our paid affiliate programs.
Marketing partners – such as joint marketing partners and event co-sponsors.

Automatic data collection. We, our service providers, and/or our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Services, our communications, and other online services, such as:

Internet or other similar network activity data – such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our marketing emails or clicked links within them. We also collect data about your device, such as your device’s type and related information (e.g., make, model), IP address, unique identifiers (including identifiers used for advertising purposes), and device settings.

Like many online services, we may use the following technologies to collect data automatically:

Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating analytics and online advertising.
Local storage technologies, like HTML5 and Flash, that provide cookie equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email address was accessed or opened, or that certain content was viewed or clicked.

Data about others. Users of the Services may have the opportunity to refer other contacts to us and share their contact information with us. Please do not refer someone to us or share their contact information with us unless you have their permission to do so.

Why and how we use your personal information

We may use your personal information for the following purposes or as otherwise described at the time of collection.

Where the processing is necessary to administer our relationship with you, including where based on our contract with you or to take steps at your request prior to entering into a contract. For example, we may use your personal information to:

create and administer orders for you;
establish and maintain your user profile on the Services;
enable security features of the Services, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in;
communicate with you about the Services, including by sending announcements, updates, security alerts, and support and administrative messages;
understand your needs and interests, and personalize your experience with the Services and our communications provide support for the Services, and respond to your requests, questions, and feedback;
and facilitate you visiting our offices or attending events.

Where the processing is necessary for our legitimate interests and where our interests are not outweighed by your data protection rights. For example, we may use your personal information to:

further our research and development, including to analyze and improve the Services and our business;
collect and use your personal information for marketing and advertising purposes, including through service providers or third parties and to understand your needs and interests, and personalize your experience with the Services and our communications;
send you direct marketing communications as permitted by law;
undertake mergers, acquisitions, reorganizations, disposals, or other business transactions as permitted/required in accordance with local law; and
protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims).

Where necessary to comply with a legal obligation. For example, we may use your personal information to:

comply with applicable laws, lawful requests, and legal processes, such as to respond to subpoenas or requests from government authorities;
audit our internal processes for compliance with legal and contractual requirements and internal policies;
enforce the terms and conditions that govern the Services; and
prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

Deidentified or aggregated data

We may use your Deidentification is a data processing technique that modifies personal information so that it cannot reasonably be associated with a specific individual. Except for this section, none of the other provisions of this Privacy Policy apply to data that has been deidentified or aggregated (i.e., information about our customers that we combine so that the resulting data no longer identifies or references an individual customer). We commit to refrain from attempting to reidentify deidentified information except to determine whether our deidentification processes work as intended or as permitted by applicable laws. We may use this deidentified or aggregated data and share it with third parties for our lawful business purposes, including to analyze and improve the Services and promote our business. information for the following purposes or as otherwise described at the time of collection.

How we share your personal information

We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.

Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
Service providers. Third parties that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, marketing, and website analytics). Note that any payment card information you use to make a purchase from us, including on the Services, is collected and processed directly by our payment processors, not us, and as such is subject to that payment processor’s privacy policy, not this Privacy Policy.
Third parties designated by the consumer. We may share your personal information with third parties where you have instructed us or provided your consent to do so.
Advertising companies. Companies in the marketing or advertising space, including those that help serve targeted advertisements.
Business and marketing partners. Third parties with whom we collaborate on joint activities (such as co-sponsors of contests and promotions), with whom we have entered into joint marketing relationships or other joint ventures, or who we think may offer you products or services that you may enjoy.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the legal compliance and other purposes described above.
Business transferees. Acquirers and other relevant participants in business transactions (or negotiations and diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, LegalOn or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Notices for California residents

California Residents’ Rights. If you are a California resident, subject to certain exceptions set forth under applicable law, you have the following rights under California law with respect to your personal information:

Right to Access – You may have the right to request what personal information we collect, use, disclose, and/or sell, as applicable, and request the information be provided to you in a portable format.
Right to Delete – You have the right to request the deletion of your personal information that is collected or maintained by us.
Right to Correct Inaccurate Personal Information – You have the right to request that we correct inaccurate personal information that we maintain about you.
Right to Opt-Out of Sale or Sharing of Personal Information – You have the right to request to be opted out from any “sales” or “sharing” of your personal information by us, as the California Consumer Privacy Act (CCPA) defines those terms. We do not “sell” your personal information for monetary or other valuable consideration, but we do “share” certain personal information (which the CCPA defines to mean sharing with third parties for certain targeted advertising purposes). To opt out of such sharing of your personal information, email us at privacy@legalontech.com with the subject line “Do not share my info.”
Right to Non-Discrimination – You have the right not to be denied goods or services, charged different prices or rates for goods or services, or receive a differing level of quality of goods or services as a result of exercising the above rights.
Right to request information regarding third party direct marketing - California’s Shine the Light law gives California residents the right to ask companies what personal information they share with third parties for those third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the purpose of directly marketing their goods or services to you unless you request such disclosure.

You can submit a request by emailing us at privacy@legalontech.com. We will verify that the information you submit matches our records before we fulfill the request and in certain cases may need to request personal information to verify your identity. You may use an authorized agent to submit a consumer rights request on your behalf using the methods above, however, we will require the authorized agent to provide signed permission to submit the request on your behalf and may still contact you to confirm your identity and that this request was submitted with your permission.

Finally, if your browser supports it, you can turn on the Global Privacy Control to opt-out of the “sale” of your personal information under California’s CCPA.

Our disclosures of personal information. California law requires that we detail the categories of personal information that we disclose for certain business purposes, such as to service providers that assist us with securing our services or marketing our products, and to such other entities as described above in this Privacy Policy. In the past 12 months, we did not disclose personal information to third parties.

We did not use or disclose “sensitive personal information” as defined under the CCPA in the past 12 months.

Notices for residents of the EEA, UK, and Switzerland

Our legal bases for processing personal information. You can find information about our legal bases for processing your personal information in the “Why and how we use your personal information” section of this Privacy Policy.

Data subject rights. Applicable laws in the EEA, UK, and Switzerland give residents of those areas certain rights regarding their personal information. You may have the right to:

Obtain access to and/or a copy of certain information we hold about you;
Request that we update information which is out of date or incorrect;
Request erasure of certain information which we process about you;
Request that we stop our processing of your information for direct-marketing purposes;
Restrict the way that we process and disclose certain of your information; and
Withdraw your consent, where we obtained your consent to process personal information (without this withdrawal affecting the lawfulness of any processing that took place prior to the withdrawal).

You can submit a request by emailing us at privacy@legalontech.com. We will honor such requests as required under the applicable data protection laws and regulations. However, please note that such rights are not absolute: they do not always apply, and exemptions may apply. We will verify that the information you submit matches our records before we fulfill the request and in certain cases may need to request personal information to verify your identity. If we do not comply with your request, we will explain why.

If you are not satisfied with our response, you have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your data has arisen. The contact details of each Data Protection Authority in the EU can be found at the following website: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. You may contact us if you require assistance finding contact information for Data Protection Authorities outside of the EU.

Retention of personal information

Other privacy choices

You also have the following choices with respect to your personal information.

Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Services may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.

Advertising choices. You may be able to limit use of your information for interest-based advertising by:

Browser settings. Blocking third-party cookies in your browser settings.
Privacy browsers/plug-ins. By using privacy browsers or ad-blocking browser plug-ins that let you block tracking technologies.
Platform settings. Google and Facebook offer opt-out features that let you opt-out of use of your information for interest-based advertising:
‍
Google: https://adssettings.google.com/
‍
‍Facebook: https://www.facebook.com/about/ads
‍
Ad industry tools. Opting out of interest-based ads from companies participating in the following industry opt-out programs:
‍
Network Advertising Initiative: http://www.networkadvertising.org/managing/opt_out.asp
‍
Digital Advertising Alliance: optout.aboutads.info
‍
AppChoices mobile app, available at https://www.youradchoices.com/appchoices, which will allow you to opt-out of interest-based ads in mobile apps served by participating members of the Digital Advertising Alliance.
‍
Mobile settings. Using your mobile device settings to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.

You will need to apply these opt-out settings on each device from which you wish to opt-out.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Other sites and services

The Services may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

Security

We employ a number of technical, organizational, and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

International data transfer

We are headquartered in the United States and have international affiliates and we or they may use service providers that operate in other countries. Your personal information may be transferred to the United States, Japan, or other locations where privacy laws may not be as protective as those in your state, province, or country.

Children

The Services are not intended for use by children under 16 years of age. If we learn that we have collected personal information through the Services from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Services. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Services. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Services after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

How to contact us

Email: privacy@legalontech.com

Mail: 2 Embarcadero Center, 8th Floor, San Francisco, CA 94111

Last updated: March 28, 2024