doeLEGAL Privacy Policy

GDPR, CCPA & EU-US, Swiss-US, and UK Extension to the EU-US Data Privacy Framework Compliant

privacy-security

doeLEGAL, Inc. (doeLEGAL), owner of doeLEGAL.com (“Web site”), cares about your privacy. This Privacy Policy sets forth how we handle the information we obtain from you and learn about you when you visit our Web Site. As an ASP and hosting provider, our collection of data is both online and offline. We collect data from our website, our FTP, and from media provided to us in the course of operating our business. This information is never shared, distributed, made public, or sold (in any way) to any companies outside the service contract we have. All data is stored in our Tier-3 Data Center housed in a completely secure location and backed up by video monitoring and card access. This policy has been in place with updates since April 1, 2007.  The most recent updates were posted in September 2023.

Trust is built through confidence and performance.
doeLEGAL has adopted the most advanced and sophisticated security measures, and we will do whatever is needed to ensure the safety of our clients’ and visitors’ information.

Some of our pages contain links to other sites. These other sites may have practices different than ours. Visitors to linked sites should consult those sites’ privacy notices, as we have no control over information that is submitted to, or collected by, these third parties.

This Privacy Policy addresses the following:

  • The information we collect
  • The choices that are available to you regarding how the information is used and to whom it is disseminated
  • Your rights to access and correct or update your personally identifiable information
  • Our pledge to have reasonable security procedures that are in place to protect against the loss, misuse, or alteration of the information under our control

Transferring personal data from the EU, UK, or Switzerland to the US

doeLEGAL has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. doeLEGAL relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, doeLEGAL collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of doeLEGAL in a manner that does not outweigh your rights and freedoms. doeLEGAL endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with doeLEGAL and the practices described in this Privacy Notice. doeLEGAL also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.

What Information doeLEGAL collects

doeLEGAL collects two types of information about you when you visit our site: personal information submitted on any web forms (including, by way of example only, your name, business address, telephone number, and email address) and non-personal, aggregate information (such as information regarding the pages on our site that you have visited, length of time, and your IP address). doeLEGAL may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. doeLEGAL’s website also uses cookies and web beacons. It does not track users when they cross to third-party websites, does not provide targeted advertising to them, and therefore does not respond to Do Not Track (DNT) signals. doeLEGAL does not store general visitor information on file permanently and may be removed periodically. doeLEGAL may store the information provided to us by visitors until removal is requested. We do not sell personal information or web form submitted information to anyone and only share it with third parties who are facilitating the delivery of doeLEGAL services. Pursuant to all regulations (including CCPA), we do not store any personal information to assign behavioral characteristics or use any stored information to profile individuals. Any stored data may be requested to be removed from our servers.

Personally Identifiable Information

The only personally-identifying information that we collect and store about you is the information that you choose to provide to us. For example, if you submit a question online, we will use the personally identifiable information you provide so that we may respond according to your preferred method of contact. If you register with our site, we will gather your personally identifiable information in order to sign you up for our services. We also may use the information you provide us to send you information that we think you might be interested in, and about the products and services of our partners requested. If you choose to complete our optional survey instruments that may collect other information as to industry and geographic information, this information will not be stored with personally identifiable information. Such demographic or biometric information will be gathered and reported in the aggregate only. Your choice to complete or not complete such questionnaires will have no bearing on the quality of service you receive from us. We do not intentionally collect any information from visitors under 13 years of age.

Non-Personally Identifiable Information

We collect and use non-personally identifiable information about you in the following ways: Cookies: A “cookie” is a small text file that a Web site can place on your computer’s hard drive. The cookie transmits this information back to the Web site’s computer, which, generally speaking, is the only computer that can read it. doeLEGAL may use cookies to help us recognize you when you come back to our site. We may also use cookies to help us track traffic on our site. This information may be aggregated in an anonymous manner. This will help us better tailor our site and provide you with offers that we think may be of interest to you. We do not link cookie information to personally identifiable information. Referrers, IP Addresses, and Other Non-Personal Information: doeLEGAL.com may collect information through “referrers,” IP addresses, and various environmental variables. A “referrer” is information the Web browser passes along to the doeLEGAL.com Web server that references the URL from which you came. The “IP address” is a number used by computers on the network to identify your computer so that data can be transmitted to you. “Environmental variables” include, among other things, the domain from which you access the Internet, the time you accessed our Web site, the type of Web browser and operating system or platform used, the Internet address of the Web site you left to visit doeLEGAL, the names of the pages you visit while at our Web site and the Internet address of the Web site you then visit. We may collect all of this information to allow us to detect broad demographic trends, provide information tailored to your interests, and enhance your experience on the doeLEGAL Web Site.

Profiling

We do not merge personally-identifiable information with non-personally identifiable information. We may, however, develop a non-identifiable profile of you based on the pages within our site that you visit. How Information May Be Used: doeLEGAL.com will not sell, rent, loan, trade, or lease personal information collected at this site to any outside party. Personal information may be disclosed to judicial or other government agencies subject to warrants, subpoenas, or other government orders.

EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) Data Privacy– For EU, UK, and Swiss Data Transfer Into the United States

doeLEGAL complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. doeLEGAL has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  doeLEGAL has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

The United States Federal Trade Commission (FTC) is the enforcement authority with jurisdiction over this compliance with all Data Privacy Frameworks.

Pursuant to the Data Privacy Frameworks, we attest to the following:

  • EU, Swiss, and UK individuals have the right to access their data to update inaccurate or outdated information and request deletion of information that has been handled in violation of the Principles. (Instructions on how to access this data can be found lower down in this document.)
  • doeLEGAL engages third parties who act as our agents. “Third parties” include software doeLEGAL uses to efficiently and effectively send emails to our user and prospect database using stored information visitors have provided to help us identify their business role, the business needs, email addresses, and business location. We store this information in our secure servers and never sell any part of it or allow it to be used for reasons other than those for which it was provided. If this practice should change in the future, we will update this policy and provide data subjects with opt-out or opt-in choices as appropriate.
  • doeLEGAL, Inc. remains liable for the onward transfer of personal information to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages.
  • doeLEGAL may be compelled to release personal data in response to lawful requests by public authorities including to meet law enforcement and national security requirements.

In compliance with the EU-U.S Data Privacy Framework (EU-U.S DPF), the UK Extension to the EU-U.S DPF, and the Swiss-U.S Data Privacy Framework (Swiss-U.S DPF) Principles, doeLEGAL commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the EU-U.S DPF, the UK extension to the EU-U.S DPF, and the Swiss-U.S Data Privacy Framework  Principles. European Union, United Kingdom, and Swiss individuals with inquiries or complaints should first contact doeLEGAL, Inc. at:
Zac Schindler, Director of Information Technology Privacy & Security Team Leader doeLEGAL, Inc. 1200 Philadelphia Pike Wilmington, Delaware 19809 302-798-7500 info@doelegal.com

doeLEGAL, Inc. has further committed to refer unresolved privacy complaints under the Data Privacy Framework program to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2

Any information that we collect on you may be accessed by contacting our web administration at: doeLEGAL, Inc. 1200 Philadelphia Pike Wilmington, Delaware 19809.  We will require proof of identity prior to releasing any information to protect individuals’ rights to privacy. Should you have any disputes regarding any information collected, you may open a dispute case with the web administration by contacting us with a detailed outline of the disputed information as well as the correct information. If your request is to purge our system of your information, please state that in the letter. Mail the correspondence to the address shown above. We will evaluate your request and respond in the most appropriate manner. If you provide your email address, we will email you prior to any action to ensure your wishes are adequately met. Our dispute resolution policy is on file and can be viewed by anyone by emailing the administrator of our website at the following address:info@doelegal.com. We publish this policy to adhere to all Data Privacy Principles.

How we share information with others

Information about your doeLEGAL purchases or contracted services is maintained in association with your profile account. The personal information the doeLEGAL collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, doeLEGAL engages third parties to mail information to you. “Third parties” include software doeLEGAL uses to efficiently and effectively send emails to our user and prospect database using stored information visitors have provided to help us identify their business role, the business needs, email addresses, and business location. We store this information in our secure servers and never sell any part of it. If you wish to have your information purged or to know what is stored, please email doeLEGAL’s Marketing Department at info@doelegal.com.

Notification of Changes

If we decide to change our privacy policy, we will post those changes on our Web Site so you will always be aware of what information we collect, how we use it, and under what circumstances we disclose it. If at any point, we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we would notify you by email. You will then have a choice regarding whether we use your information in this different manner. We will use information in accordance with the privacy policy in effect at the time that the information was collected.

Choices Available to the User, Including Access & Accuracy

doeLEGAL provides the following choices regarding the use of your information. You may set your browser to: (1) inform you when cookies are being set before a cookie is stored; (2) not accept cookies at all; and (3) erase all cookies from your hard drive. However, if you choose to reject or erase cookies, your ability to navigate our Web Site may be limited. You may choose not to provide doeLEGAL with any contact information. However, if you opt-out in this way, we will be unable to respond to your requests, sign you up as a doeLEGAL registered user, or allow you to participate in other doeLEGAL Web Site services that require personal information. Additionally, your ability to navigate our site may be limited. If you would like to opt-out of receiving further information from doeLEGAL or its partners, send an email to marketing@doelegal.com. Under the CCPA, requests to have all data removed should be sent to the before-mentioned email address, marketing@doelegal.com. If you email us, please include your name and email address in the body of the email and reference “Remove” on the subject line. If you would like to change or modify the information you have previously provided us, please send a detailed emailmarketing@doelegal.com. If you have any questions about this privacy policy or the practices of our Web site, please contact marketing@doelegal.com for a full explanation. You may also send in your request to have your data deleted from doeLEGAL servers by submitting the form found here with a request to remove personal data. In the unlikely event of a merger, acquisition, or bankruptcy all personal information will be purged and server drives are rendered unreadable. No information will be shared in any way with companies in these events. doeLEGAL.com will not sell, rent, loan, trade, or lease personal information collected at this site. Personal information may be disclosed to judicial or other government agencies subject to warrants, subpoenas, or other government orders including to meet national security or law enforcement requirements.

Third-Party Links

This Web site may contain links to other sites. PLEASE BE AWARE THAT WE ARE NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OF OTHER SITES. Some third-party companies we work with collect data from web traffic. These parties hold all collected data as proprietary and will not disclose any visitor or client data to any other party, enforceable by our contracted terms. doeLEGAL acknowledges the potential liability in cases involving onward transfers of Data Privacy data to third parties. We encourage our users to read the privacy statements of each and every Web site that they visit.  We collect only basic data in our CRM, Web site tracking, social media, business partnerships, advertising sourcing, outbound marketing, and other outside vendor tools. We do not share that collected data with any other third parties not under contract. These collected data sources are used to better identify messaging for marketing purposes, to identify general metrics for Web traffic, to identify leads and client activity for sales, and to report on market/ Web site trending within our business market verticals. doeLEGAL does not forward, transmit, or disclose data received from clients as part of our contracted business services to any outside third parties without prior client request, agreement, and consent.

Data subject rights

To the extent that GDPR applies to the processing of data subjects information, this Privacy Notice is intended to provide you with information about what personal data the doeLEGAL collects about you and how it is used. If you have any questions, please contact us at info@doelegal.com.

If you wish to confirm that doeLEGAL is processing your personal data, or to have access to the personal data doeLEGAL may have about you, please contact us at info@doelegal.com.

CCPA Updates and Service Provider Definition

CCPA’s Service Provider Definition:

The California Consumer Privacy Act defines a service provider as a for-profit legal entity that processes personal information on behalf of a business pursuant to a written contract for a business purpose. Businesses use service providers and share personal information with them’ therefore it is not considered a sale of personal information under the law if the sharing of personal information is necessary to perform a business purpose, the business has provided notice that the information is being used or shared, and the service provider does not further collect, sell, or use the personal information of the consumer except as necessary to perform the business purpose.

To fall within the scope of the CCPA for service providers, the business must also meet one of the additional three criteria:

  • Have $25 million or more in annual revenue; or
  • Possess the personal data of more than 50,000 “consumers, households, or devices” or
  • Earn more than half of its annual revenue selling consumers’ personal data.

doeLEGAL does not meet any of these criteria shown above, but we do take data privacy and visitor information security seriously. We notify website visitors that PII may be collected during their use of our website to comply with “notification,” but it is safeguarded and never shared. Visitors may request the information or request that any be deleted in compliance with our privacy policies.

Security of your information

To help protect the privacy of data and personally identifiable information you transmit through the use of this Web site, we maintain physical, technical, and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

Data storage and retention

Your personal data is stored by doeLEGAL on its servers, and on the servers of the cloud-based database management services doeLEGAL engages, located in the United States. doeLEGAL retains data for the duration of the customer’s business relationship with doeLEGAL. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact the IAPP’s data protection officer at info@doelegal.com

Changes and updates to the Privacy Notice

As our organization changes from time to time, this Privacy Notice is expected to change as well. We reserve the right to amend the Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice at the Web site. We may email periodic reminders of our notices and terms and conditions and will email of material changes thereto, but you should check the Web site frequently to see the current Privacy Notice that is in effect and any changes that may have been made to it.

This privacy statement applies solely to information collected when you visit doeLEGAL’s Web site.

Payment Information

We do not currently provide any form of online payments on our website. If we decide to allow service payments through our website, we will not store personal financial information on any publicly accessible servers or share that data with any outside companies. Credit card and/or PayPal information will be kept in a separate, encrypted, and secure server to provide the security necessary to safeguard all transactions. Please submit requests for reprinting and reproduction of materials by using our online copyright request form, or send requests directly to: info@doelegal.com. For more information, please contact doeLEGAL at 302-798-7500.

Questions, concerns, or complaints

Please contact the doeLEGAL at: 302-798-7500 or info@doelegal.com