Privacy Policy

Last Updated: 1/31/2025

This Privacy Policy (“Policy”) describes the privacy practices of My Legal Done (“we,” “our,” or “us”), including our website at www.mylegaldone.com and other sites under our control where this Policy is posted (collectively, the “Sites”). This Policy explains how we collect, use, disclose, and protect personal information about users, clients, and other individuals.

We are committed to complying with applicable data protection laws, including the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), Family Educational Rights and Privacy Act (FERPA), Children’s Online Privacy Protection Act (COPPA), Massachusetts privacy laws, and other relevant laws governing personal data.

If we have entered into separate agreements with you regarding data privacy, those agreements supersede this Policy in the event of a conflict.

1. Information We Collect

We collect and receive personal information from multiple sources, including direct interactions, third-party services, and automated technologies. Personal information means information relating to an identifiable person. The categories of personal information we collect include:

Legal Services and Business Administration

We collect personal information from clients, potential clients, business partners, service providers, and other individuals in connection with legal and compliance services. This may include:

• Contact details: Name, email address, postal address, phone number, company name.
• Billing and payment data: Credit card information, transaction details.
• Case-related information: Contract details, intellectual property matters, regulatory compliance inquiries.

Website Interactions

When you visit our Sites, you may provide personal information such as:

• Event registration data: Name, dietary restrictions, professional affiliations.
• Newsletter subscriptions: Email address, preferences.
• User account details: If applicable.

Third-Party Sources

We may receive personal information from:

• Service providers and business partners: Payment processors, marketing partners.
• Public databases: Professional directories, regulatory filings.

Device and Browsing Data

We automatically collect certain information when you visit our Sites, including:

• IP address, browser type, and device information.
• Website analytics: Pages visited, session duration.
• Cookies and tracking technologies: (see Section 7: Cookies and Tracking Technologies).

We do not intentionally collect sensitive data unless necessary for compliance or legal purposes.

2. How We Use Personal Information

We use personal information for the following purposes:

Providing Legal and Compliance Services

We use personal information to assist clients with:

• Contract drafting and review.
• FTC compliance, GDPR/CCPA privacy assessments.
• Intellectual property protection and regulatory compliance.

Client Communication & Support

We process personal information to:

• Respond to inquiries and legal service requests.
• Schedule consultations and send updates.
• Manage client relationships effectively.

Regulatory Compliance

We process data to comply with:

• State, federal, and international privacy laws.
• Legal obligations under GDPR, CCPA, FERPA, and other regulations.

Marketing & Outreach

We may use personal information to:

• Send newsletters, legal alerts, and event invitations.
• Offer legal insights and compliance resources.
• Provide opt-out options for marketing communications.

Website Functionality & Security

We collect and process personal data to:

• Monitor website performance and user experience.
• Prevent fraud and enhance cybersecurity.
• Ensure compliance with website policies and terms.

Legal Basis for Processing (GDPR)

For individuals in the EEA or UK, we process data under the following legal bases:

• Performance of a Contract: Processing is necessary to provide client services.
• Legitimate Interests: Such as fraud prevention and analytics.
• Legal Obligations: Ensuring compliance with applicable privacy laws.
• Consent: For marketing communications, cookie tracking, and certain data collection activities.

3. Disclosure of Personal Information

We do not sell personal data. However, we may share personal information in the following circumstances: when we engage third parties for IT services, payment processing, and legal research. In addition, we may disclose data to courts, regulatory bodies, or law enforcement if required by law. In case of a merger, acquisition, or restructuring, personal data may be transferred to the successor entity. We may share data with other third parties if you explicitly consent to such disclosure.

All third-party recipients are required to comply with strict confidentiality obligations.

4. Your Privacy Rights

A. California Consumer Privacy Act (CCPA) Rights

California residents have the right to:

• Access their personal information.
• Request deletion of their data.
• Correct inaccurate information.
• Opt-out of data sharing (we do not sell data).

B. General Data Protection Regulation (GDPR) Rights

For individuals in the EEA or UK, rights include:

• Access and rectification of personal data.
• Right to be forgotten (request deletion).
• Restriction of processing.
• Data portability (transfer data to another provider).

C. FERPA Compliance (Educational Data)

For student records, we comply with FERPA, allowing students and parents to:

• Review and correct educational records.
• Restrict disclosure of student data.

D. COPPA Compliance (Children’s Data)

We do not knowingly collect data from children under 13 years old. If we receive such data, we will delete it promptly.

To exercise your privacy rights, contact us at privacy@mylegaldone.com.

5. Data Security and Data Retention

We employ industry-standard security measures, which may include:

• Encryption of sensitive transactions.
• Access controls for authorized personnel only.
• Regular security audits to help prevent data breaches.

We retain personal information for as long as necessary to:

• Provide services.
• Comply with legal obligations.
• Maintain business records.

Data is securely deleted or anonymized when no longer required.

6. Cross-Border Data Transfer

If you access our services outside the U.S., your data may be processed in the U.S., where data protection laws may differ from your local jurisdiction. We use Standard Contractual Clauses (SCCs) and other appropriate safeguards for international data transfers.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Improve website performance.
• Analyze user behavior (for example, via Google Analytics).
• Enhance security measures.

You can manage cookie settings via your browser preferences. For more details, see our Cookie Policy.

8. Third-Party Links

Our Sites may contain links to external websites. We are not responsible for their privacy practices and recommend reviewing their policies before sharing personal data.

9. Updates to This Policy

We may update this Policy periodically. If changes are material, we will notify you via:

• A notice on our website; and/or
• Email notification (if applicable).

Continued use of our services constitutes acceptance of the updated Policy.

10. Contact Information

If you have any questions regarding this Policy, please contact us at:

My Legal Done
67 Batterymarch St, Lower Level
Boston, MA 02110

privacy@mylegaldone.com
(802) 999-2590