PRIVACY NOTICE

Introduction

At Highbridge Law Firm (HBL), we prioritize the privacy and security of our clients' information. This Privacy Policy outlines how we collect, use, share, and protect personal data, in accordance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). By accessing our website or engaging our services, you agree to the practices described in this Policy.

1. Information We Collect

We may collect, but never sell, the following types of personal information:

  • Contact Information: Such as your name, email address, mailing address, and phone number.

  • Client Information: Related to the legal services we provide, including details relevant to case management and consultation.

  • Website Usage Data: Information about your visits to and use of our website, including IP address, browser type, operating system, referral source, and cookie identifiers.

2. Purpose of Data Processing

We collect and process personal data for the following purposes:

  • Providing Legal Services: To facilitate communication, manage cases, and conduct our legal practice effectively.

  • Client Communication: To keep you informed about your matters and relevant legal developments.

  • Marketing and Updates: With your consent, to send newsletters or updates about our services and for internal analytics.

  • Website Functionality: To maintain, improve, and secure our website and user experience.

3. Legal Basis for Processing

Our data processing is conducted under the following legal bases:

  • Consent: For marketing communications and website analytics, as applicable.

  • Contractual Necessity: To provide legal services and manage your matters.

  • Legitimate Interests: For internal business purposes, such as improving our services and ensuring website security.

4. Data Sharing and Third Parties

We may share personal data with trusted third parties under these circumstances:

  • Service Providers: Who assist in our operations, such as IT support and client management systems.

  • Legal Authorities: When required by law or in response to valid legal processes.

  • Business Partners: With whom we collaborate for case management or joint service delivery, as necessary.

We ensure that these third parties uphold the same level of data protection.

5. Data Retention

We retain personal information only for as long as necessary for the purposes outlined in this policy or as required by law. Data retention periods are based on the type of information and legal requirements applicable to the information.

6. Your Rights and How to Exercise Them

As a data subject, you have the following rights regarding your personal information:

  • Access: Request access to the data we hold about you.

  • Correction: Request corrections to inaccurate or incomplete data.

  • Deletion: Request deletion of data under certain circumstances.

  • Restriction and Objection: Restrict or object to our processing of your data in certain cases.

  • Data Portability: Request to receive your data in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please contact us at [Your Contact Email/Phone Number].

7. Compliance with Privacy and Encryption Standards for Attorneys

Highbridge Law Firm (HBL) is dedicated to adhering to stringent data protection and client confidentiality standards, aligning with the American Bar Association’s guidelines and best practices for legal professionals. Our data protection measures include:

  • Google Workspace Security and Compliance: HBL uses Google Workspace, which is certified for SOC 2 and SOC 3, ensuring Google’s systems are designed to keep client information secure. Google Workspace also maintains ISO 27001, ISO 27017, and ISO 27018 certifications, covering information security management, cloud security, and personal data protection. For cases involving protected health information (PHI), Google Workspace can sign a Business Associate Agreement (BAA) to ensure HIPAA compliance.

  • Encryption Standards: We secure all data with Advanced Encryption Standard (AES) 256-bit encryption and utilize Transport Layer Security (TLS) to protect data in transit. These protocols ensure that client data remains secure and accessible only to authorized parties.

8. International Data Transfers

In the highly unlikely event we transfer your data outside of our jurisdiction, we will ensure that appropriate safeguards are in place to protect the data in compliance with applicable data protection laws.

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience. You can control your cookie preferences through your browser settings.

10. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal obligations.

11. Contact Us

If you have questions about this Privacy Policy or our data handling practices, please reach out to us.