Security and Compliance at SpeedLegal
Last Updated: 11/27/2020
Data Collection & Use
To provide you with the best possible Services, SpeedLegal may ask you to provide us with certain personally identifiable information. This information may include: your first name, last name, email address, as well as information about your device and usage (such as IP address), and cookie data (explained below). SpeedLegal does not share your personally identifiable information with third parties. SpeedLegal may use this data to maintain the quality of our Services, notify you about changes, allow you to participate in interactive features of our Service, provide customer support, to detect and prevent technical issues.
SpeedLegal’s Application Development Policy requires that our engineers performing development tasks employ information security steps to ensure the protection of sensitive information, application availability, and data integrity. The SpeedLegal application servers respond only to SSL-encrypted HTTP calls. Our SSL certificates are signed by an industry-leading certificate authority with a minimum 1024-bit encryption.
On average over an annual basis, our uptime exceeds 99.9%, including scheduled maintenance windows. The Risk Committee and Security Management Team work together on SpeedLegal’s Business Continuity Plan and Disaster Recovery Procedure, which is tested every year.
Data is stored in triplicate in different Google Cloud geographical locations, with 99.999999999% yearly durability. User work-product is backed up in this same fashion 6 times a day. Recovery is provided as part of Google’s cloud offerings.
We employ state-of-the-art practices to prevent cross-site scripting and cross-site request forgery. Access to data can be restricted by user or security group. All user activity is fully logged on the system. We store when users log in and out, and every action they take on the site – down to which pages of which documents they view. This information is visible both to us and to the case administrators, so any suspicious activity can be detected and acted upon quickly.
Data Retention, Return and Destruction
Unless otherwise specified, we purge user data at the conclusion of the case. When a customer requests deletion, SpeedLegal will destroy the user data and delete the case from the servers. SpeedLegal will comply with contractual requirements to provide proof of deletion.
Like many websites, we may use “cookies.” A cookie is a piece of data stored on a user’s device containing information about the user’s visit. Cookies are stored in various types and have different purposes. You can find more information on cookies, at: https://www.ftc.gov/site-information/privacy-policy/internet-cookies.
Security of Information
The security of your data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure, due to the nature of the Internet. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
Third-Party Service Providers
We may share your information with third-party service providers who are working on our behalf and require access to your information to carry out that work, such as to process billing or as it relates to a Service feature. We may also share information with third-parties to comply with legal requirements. These service providers are authorized to use your personal information only as necessary to provide services to SpeedLegal.
Our Service does not address anyone under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers. Children should always ask for permission before using the Internet.
SpeedLegal does not disclose the personal information we collect about you to third-parties for their direct marketing purposes. However, should we ever share for this purpose, California’s Shine the Light law permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information we disclosed to third-parties for direct marketing purposes in the last 12 months. If you are a California resident and would like a copy of this notice, please contact us at firstname.lastname@example.org. Please note that not all information sharing is covered by Shine the Light requirements and only information on covered sharing will be included in our response.
A Note about Do Not Track (“DNT”)
Some browsers offer a “do not track” (“DNT”) option. Because no common industry or legal standard for DNT has been adopted by industry groups, technology companies, or regulators, we do not respond to DNT signals. We will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
405A Howard St - 10th Floor
San Francisco, CA 94105