Security and Compliance at SpeedLegal

Last Updated: 11/27/2020

Introduction
SpeedLegal ("us", "we", or "our") takes your privacy very seriously. The scope of this Privacy Policy covers both your use of the SpeedLegal.io website and SpeedLegal’s Software and Platform (“Services”). This Privacy Policy governs data collection and usage. By using the SpeedLegal.io website and Services, you consent to the data practices described in this statement.

Data Collection & Use
To provide you with the best possible Services, SpeedLegal may ask you to provide us with certain personally identifiable information. This information may include: your first name, last name, email address, as well as information about your device and usage (such as IP address), and cookie data (explained below). SpeedLegal does not share your personally identifiable information with third parties. SpeedLegal may use this data to maintain the quality of our Services, notify you about changes, allow you to participate in interactive features of our Service, provide customer support, to detect and prevent technical issues.

Application Security
SpeedLegal’s Application Development Policy requires that our engineers performing development tasks employ information security steps to ensure the protection of sensitive information, application availability, and data integrity. The SpeedLegal application servers respond only to SSL-encrypted HTTP calls. Our SSL certificates are signed by an industry-leading certificate authority with a minimum 1024-bit encryption.

System Availability
On average over an annual basis, our uptime exceeds 99.9%, including scheduled maintenance windows. The Risk Committee and Security Management Team work together on SpeedLegal’s Business Continuity Plan and Disaster Recovery Procedure, which is tested every year.

Data Backup
Data is stored in triplicate in different Google Cloud geographical locations, with 99.999999999% yearly durability. User work-product is backed up in this same fashion 6 times a day. Recovery is provided as part of Google’s cloud offerings.

Access Controls
We employ state-of-the-art practices to prevent cross-site scripting and cross-site request forgery. Access to data can be restricted by user or security group. All user activity is fully logged on the system. We store when users log in and out, and every action they take on the site – down to which pages of which documents they view. This information is visible both to us and to the case administrators, so any suspicious activity can be detected and acted upon quickly.

Data Retention, Return and Destruction
Unless otherwise specified, we purge user data at the conclusion of the case. When a customer requests deletion, SpeedLegal will destroy the user data and delete the case from the servers. SpeedLegal will comply with contractual requirements to provide proof of deletion.

Use of Cookies
Like many websites, we may use “cookies.” A cookie is a piece of data stored on a user’s device containing information about the user’s visit. Cookies are stored in various types and have different purposes. You can find more information on cookies, at: https://www.ftc.gov/site-information/privacy-policy/internet-cookies
We use cookies and similar tracking technologies to understand the activity on our Service and we store certain pieces of information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are used such as beacons, tags and scripts to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. Examples of Cookies we use:Session Cookies: We use Session Cookies to operate our Service.Preference Cookies: We use Preference Cookies to remember your preferences and various settings.Security Cookies: We use Security Cookies for security purposes.

Security of Information
The security of your data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure, due to the nature of the Internet. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

Third-Party Service Providers
We may share your information with third-party service providers who are working on our behalf and require access to your information to carry out that work, such as to process billing or as it relates to a Service feature. We may also share information with third-parties to comply with legal requirements. These service providers are authorized to use your personal information only as necessary to provide services to SpeedLegal.

Google Analytics
SpeedLegal may use Google Analytics as a web traffic analysis tool. You can find the Google Analytics Privacy Policy here: https://policies.google.com/privacy

Children’s Privacy
Our Service does not address anyone under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers. Children should always ask for permission before using the Internet.

California Residents
SpeedLegal does not disclose the personal information we collect about you to third-parties for their direct marketing purposes. However, should we ever share for this purpose, California’s Shine the Light law permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information we disclosed to third-parties for direct marketing purposes in the last 12 months. If you are a California resident and would like a copy of this notice, please contact us at hello@speedlegal.io. Please note that not all information sharing is covered by Shine the Light requirements and only information on covered sharing will be included in our response. 

A Note about Do Not Track (“DNT”)
Some browsers offer a “do not track” (“DNT”) option. Because no common industry or legal standard for DNT has been adopted by industry groups, technology companies, or regulators, we do not respond to DNT signals. We will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact
If you have any questions or concerns about this Privacy Policy, please contact us via email:
hello@speedlegal.io
SpeedLegal, Inc.
405A Howard St - 10th Floor
San Francisco, CA 94105