Get in Touch

Privacy Policy

Privacy Policy

Last updated: 15 September 2025

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit our websites, purchase subscriptions (including via Stripe), or use our AI-powered legal advertising placements and related tools, dashboards, and analytics (the “Service”).

Company” means the operator of this website and the Service, as identified in the website footer/legal imprint. “Advertiser” means a business purchasing or using the Service. “User” means an individual who interacts with our conversational experiences (for example, asking legal questions) or visits our sites.

If you do not agree with this Policy, please do not access the Service.

1) Scope & Roles

  • Company acts as an independent controller for personal data it collects through the Service, websites, analytics, payments, security, and support.

  • Company does not contact leads on Advertisers’ behalf. If a User chooses to contact a law firm, any information the User provides to that firm is controlled by the firm’s own privacy terms.

2) Data We Collect

2.1 Information you provide

  • Account & subscription data (for Advertisers): business name, contact details, billing details, plan selections, communications.

  • Content & support: messages you send to us (including via forms or email), support tickets, survey responses.

  • Conversational inputs (for Users): questions, prompts, and other content submitted to our conversational experiences.

2.2 Information collected automatically

  • Usage & event data: interactions with our sites and Service, timestamps, referral/UTM data, feature use, approximate geolocation (derived from IP), language, device/OS/browser info.

  • Log data: IP address, user-agent, identifiers (e.g., cookie IDs), diagnostic and security logs.

  • Cookies and similar tech: pixels, SDKs, local storage used for essential functionality, analytics, fraud prevention, and (where applicable) remembering preferences.

2.3 Payment information

  • Payments are processed by Stripe or another payment provider. We do not store full card numbers. Stripe independently processes certain data as its own controller to complete transactions and comply with law.

2.4 Third-party sources

  • Identity/firmographic data from public sources or vendors (e.g., business registries, data enrichment) to verify Advertisers and reduce fraud.

3) Purposes & Legal Bases (GDPR/EEA/UK)

We process personal data for these purposes and legal bases:

  • Provide the Service (create/manage subscriptions, allocate inventory/keywords, deliver placements, troubleshoot) — performance of a contract.

  • Payments & billing (fraud prevention, chargebacks, accounting) — performance of a contract and legal obligation.

  • Analytics & service improvement (measure usage, quality, safety; enhance features; train heuristics and delivery logic) — legitimate interests.

  • Security & abuse prevention (detect, prevent, and respond to spam, fraud, or misuse) — legitimate interests and legal obligation.

  • Communications (service notices, administrative messages, responding to inquiries) — performance of a contract and legitimate interests.

  • Marketing to Advertisers (product updates, offers to business contacts) — legitimate interests; where required, consent.

  • Compliance (tax, accounting, regulatory requests, enforcement of our Terms) — legal obligation and legitimate interests.

Where we rely on consent, you may withdraw it at any time (this will not affect prior processing).

4) Cookies & Similar Technologies

We use:

  • Essential cookies — required for core functionality (cannot be disabled).

  • Analytics/performance cookies — to understand usage and improve the Service.

  • Preference cookies — to remember settings.

Where required, we obtain consent for non-essential cookies. You can adjust browser settings to block or delete cookies; doing so may impact functionality.

5) How We Share Information

We share personal data only as described below:

  • Service providers/processors: hosting, AI model infrastructure, content delivery, customer support, analytics, email, security, and payment processing (e.g., Stripe). They act under contract and only process data on our instructions.

  • Change of control: if we undergo a merger, acquisition, or asset sale, data may transfer to the buyer subject to this Policy.

  • Legal & safety: to comply with law, enforce our Terms, protect the rights, safety, or security of Company, Users, or the public.

  • With Advertisers: we do not share Users’ personal data with Advertisers unless a User explicitly chooses to contact a firm or otherwise consents.

We do not sell personal data.

6) International Data Transfers

Your data may be processed outside your country, including outside the EEA/UK. Where required, we use adequacy decisions (e.g., EU/UK-US frameworks) or Standard Contractual Clauses and implement appropriate safeguards. You can contact us for a copy of the relevant transfer mechanism (with redactions where necessary).

7) Retention

We retain data for the minimum period necessary to fulfil the purposes in this Policy, then delete or anonymize it:

  • Account, subscription & billing records: for the life of the account plus the period required by tax/accounting law (up to 10 years).

  • Usage & logs: typically up to 12 months for security/diagnostics.

  • Conversational inputs: typically up to 18 months to operate, secure, and improve delivery and measurement.

  • Support communications: typically up to 24 months for reference and training.

We may retain data longer if required by law, to resolve disputes, or enforce our agreements.

8) Security

We use administrative, technical, and physical safeguards designed to protect personal data (access controls, encryption in transit, network safeguards, and vendor due diligence). No system can be guaranteed 100% secure.

9) Your Rights

EEA/UK/Swiss residents (GDPR)

You have the right to access, rectify, erase, restrict, object (including to processing based on legitimate interests), and data portability. You also have the right to withdraw consent where processing is based on consent, and to lodge a complaint with a supervisory authority (in Spain: the Agencia Española de Protección de Datos).

United States residents

Depending on your state, you may have rights to access, delete, correct, opt-out of certain targeted advertising or profiling, and to appeal a decision. We do not “sell” personal information. We honor applicable opt-out rights where required by law.

To exercise rights, see Contact Us below. We may verify your request.

10) Automated Decision-Making

We use automated systems to match conversation context to relevant legal categories/keywords and to determine when and how placements appear. These systems do not produce legal or similarly significant effects about a person. You may object to processing based on legitimate interests (see Your Rights).

11) Children

The Service is intended for business and adult users and is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us to request deletion.

12) Third-Party Links

Our websites and conversational experiences may link to third-party sites or services. Their privacy practices are governed by their own policies.

13) Changes to this Policy

We may update this Policy from time to time. Material changes will be highlighted on this page or via in-product notice. Your continued use of the Service after an update means you accept the revised Policy.

14) Contact Us

  • For privacy questions or requests, contact us using the email address published in the website footer/legal imprint or via the site’s contact channel.

  • Please describe the nature of your request and the country you are located in.

  • If we cannot resolve your concern, you may lodge a complaint with your local authority (EEA example: Agencia Española de Protección de Datos).