Website Visitors. You are a website visitor if you browse to lawtoolbox.com without signing in and/or register to attend a LawToolBox web demonstration. Neither LawToolBox nor the LEGAL APPS store any personal information for any Website Visitor. If you navigate to LawToolBox website from an advertisement tracked by a product like Google Ad Words, then Google is the data controller to whom any requests need to be submitted. None of the LEGAL APPS will have any value for an end-user until they sign up and become a registered user.
Registered Users of our Online Services. You are a Registered User if you have a username and account that can be used to access LawToolBox online services.
Information Gathered on Companies or Entities that Subscribe and/or Set Up a Trial Account. LawToolBox collects information on the company or entity of a registered user. This information is leveraged to streamline the setting up user’s underneath that company umbrella. LawToolBox also collects data related to tracking invoices and account ledgers.
Third Party Payment Processor. All credit card transactions are managed through a third-party payor system so LawToolBox does not store any credit card information. Under our agreement with service providers, they are not permitted to store, retain, or use your Personal Information or your billing information except for the sole purpose of credit card processing on our behalf. In certain cases, we may have access to the last four digits of your credit card number, its expiration date, and the billing address, which we will use solely to assist us in providing the product or service you purchased. In addition, we and our service providers may use any information processed pursuant to this section at an aggregate level for internal business analyses and fraud prevention.
Information Gathered on Users Set in Subscribers and/or Trial Accounts. LawToolBox collects registered users’ name, email address, city, state/province, country, and zip/postal code, information on practice area, links to social media and other external websites relevant to the user, and optional information such as fax number. This information is required to verify and validate online services, and inside the product it is used to create a user account, and to populate legal papers and send email reminders. User information may also be used by LawToolBox support to identify registered users who contact LawToolBox, and to send technical and product support information to registered users. Registered users may correct or change the user information stored by LawToolBox by signing in and accessing their user account settings from their home page. Registered users are responsible for maintaining the secrecy of usernames and any password. The apps and add-ins we have developed for Microsoft enables users to login to their account using their Microsoft credentials, and their password is protected by that the Microsoft authentication flow. Users can Registered users are also bound by the terms of the LawToolBox Limitations, License, and Service Agreement, which is the agreement between LawToolBox and any user accessing the LawToolBox web-based software.
Information Gathered on Matters Set Up by Subscribers and/or Trial Accounts. Registered users may submit and/or retrieve certain information about their litigation lawsuits and matters using an encrypted https connection to LawToolBox. Matter information includes things like client name, internal client reference numbers, public case numbers or references, links to external website relevant to the matter, and basic matter information that a legal professional might find useful to have collected under the matter umbrella. LawToolBox also collects “trigger dates” to calculate deadlines using rules-based algorithms, and ad hoc miscellaneous and time-bound appointments specific to individual matters. LawToolBox aggregates these calendar events into deadline charts, and then has various mechanisms to add these deadlines to user’s calendars. In no event does LawToolBox add a calendar event to a user’s calendar without prior consent of a registered user, but instead LawToolBox gives the registered user tools to add deadlines to their calendars, or to add deadlines to other people’s calendars.
Cookies. No personal information is collected through any online cookies. However, when a user authenticates to the LawToolBox add-in for Outlook or Microsoft Teams, cookies are used to store information about the session so that the user doesn’t have to login each time they want to use the product, but these cookies do not send personal information back to LawToolBox and are not used to collect information on the user’s browser or computer habits.
How Information is Used. Trigger dates are used to calculate dependent deadlines that run off that date. All of the different types of deadlines re aggregated into a single matter deadline chart. Our contracts permit LawToolBox to analyze anonymized user data to make predictions about the average length of a matter in a specific venue, the average amount of time a motion is pending before it is resolved, etc. We also collect metrics that can be used by a firm to evaluate how effectively specific individuals or groups within a firm perform in certain tasks. Additionally, we may use your Personal Information as described below:
- We may, from time to time, share Personal Information and other information with partners or other companies who may provide you information about the products and services they offer.
- We may analyze your Personal Information and other information in aggregate form which does not identify you personally. We may share this aggregate data with our affiliates, agents, advertisers, manufacturers, business partners, and to current and prospective business partners and to other third-parties for other lawful purposes.
- We may employ other companies and individuals to perform functions on our behalf. Examples may include providing hosting and network services, information technology support, and customer service. These other companies will have access to the Personal Information we collect only as necessary to perform their functions and to the extent permitted by law.
- LawToolBox may retain, aggregate, use, and resell any non-personal information (including other information) collected in connection with any use of the Sites or our products and services both during your use of the same and after such use has ended.
Storage and Transmission of Personal Information. Personal information that is submitted on LawToolBox is stored in dedicated SQL databases on dedicated LawToolBox servers. Personal information stored on LawToolBox servers is NEVER shared with any third-parties. All employees of LawToolBox, as part of their employment agreements, sign an agreement agreeing to hold any and all client information that may be shared with them by registered users in confidence. Information transmitted over the internet between LawToolBox and registered users, including between LAWTOOLBOX and any registered users that are using any LawToolBox LEGAL APP, is transmitted using encrypted https protocol. You can click on the lock on the https://lawtoolbox.com website to review details about this encryption.
Security Measures Taken to Protect Subscriber Data. LawToolBox employs industry standard security measures to ensure the security of information. However, the security of information transmitted through the Internet can never be guaranteed. LawToolBox is not responsible for any interception or interruption of any communications through the internet or for changes to or losses of information. Users of our sites are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password protected or secure areas of any of our websites. Confidential information like passwords are stored using a method where only the hash of the password is stored in our database. User can use forgot password api for creating new password. In the event of forgot password, forgot password flow will be invoked. We use PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations for hashing. We use new .Net 4.5.1 library from Asp.Net core “Microsoft.AspNetCore.Cryptography. KeyDerivation” for hashing. To protect you and your information, LawToolBox may suspend your use of a website, without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure area of any Progress Software site is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
Additional Security Measures. Every employee of LawToolBox, including those doing customer support, undergoes a background check before hiring, and is required to sign an employment agreement where they agree to keep all client information confidential and private. LawToolBox provides every firm with access to a “firm admin” user where the firm can control user permissions (where a user’s access to cases that are shared to them can be limited to “read only” for example) and when a firm member leaves the firm the “firm admin” can withdraw access to every matter they were previously granted access to and then withdraw that user from the firm entirely. Third party integrators that tie directly into our API’s can generate their own unique OATH authentication token. Global Admins for end-users using the LawToolBox365 add-in can log directly into their Azure portal and manage/revoke their authentication token directly from Microsoft https://portalindex.azure.com. All communications to LawToolBox Web App, APIs, and our Office 365 add-in – at rest and in transit – use standard https encryption. LawToolBox365 Office for Legal with Deadlines (Office 365 add-in) uses SSO OpenID as described. This method is described here: https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-how-it-works.
Promotional Communications. We may use personal information to send occasional promotional notices (such as newsletters) about LawToolBox services, unless instructed not to. LawToolBox makes procedures available so that website visitors and registered users can opt out at the time of information submission, or at any time afterwards. The names of people to contact have been developed from traditional networking methods. Different sales people may have different contact lists, but efforts have been made to consolidate all contacts into a single database to facilitate opt-out requests.
External Websites. We may provide links from our LEGAL APP, website or online services to other websites. If you follow these links from our site to theirs, you should be aware that these other sites have their own privacy and data collection practices. LawToolBox has no responsibility or liability for these independent policies. For more information regarding a site and its privacy policies, check that site.
Server Request Logging. As is typical, we log http and https requests to our servers. This means that we know the originating IP address of a website visitor or registered user requesting a URL. We occasionally analyze the log files for maintenance purposes. Logged information is not disclosed outside of LawToolBox staff personnel or those under contract to conduct hardware and software maintenance.
Controlling Your Communication Preferences. Users can turn email reminders of upcoming deadlines off without their user portal or by contacting email@example.com. You can unsubscribing to the marketing communication offerings at any time. However, some non-marketing communications are not subject to general opt-out, such as communications related to product download, sales transactions, software updates and other support related information, patches and fixes, conferences or events for which you have registered, and disclosures to comply with legal requirements, as well as communications with partners, including product alerts, updates, and if material to your use of the product the marketing and sales materials and other notices related to partner status.
Commitment to Children’s Online Privacy. LawToolBox products are not directed at children. LawToolBox does not knowingly accept online Personal Information from children under the age of 18. If you are under 18 or otherwise would be required to have parent or guardian consent to share information with LawToolBox, you should not share any information about yourself.
Corporate Privacy Officer. To contact our Corporate Privacy Officer to address questions regarding LawToolBox privacy practices, please e-mail firstname.lastname@example.org or call 1-888-958-6657, or send a letter addressed to the Corporate Privacy Officer at LawToolBox.com, Inc., PO Box 1766, Denver, Colorado 80217-0666.
Unsubscribe from Mailing List. If you have received electronic correspondence in the past from LawToolBox, and would like to unsubscribe from our mailing list, please send an email to email@example.com, call 1-888-958-6657, or send a letter addressed to the Corporate Privacy Officer at LawToolBox.com, Inc., PO Box 1766, Denver, CO 80217-0666. Please be sure to include your relevant contact details.
Data Service Requests from Free Trial & Subscriber Accounts. Here are some of the types of requests that users can make of LawToolBox:
- Request for information on how your data is used – A description of how your information is set forth in this privacy agreement.
- Requests to access your data – During the term of an active trial or subscription account you may retrieve information about matters you have loaded onto our system, and you may export dates and deadlines to your Outlook or Google calendar. A reasonable fee may be charged to access information for an inactive account, or if you need assistance accessing your data.
- Requests to fix incorrect data – you can manipulate subscription account data by logging into your LawToolBox account, or for certain account configurations your technical support consultant can log onto an admin portal to correct any data. If you believe other account information (such as an invoice) is not accurate please contact firstname.lastname@example.org.
- Request use of your data be restricted – You can request that your emails not be included in marketing or promotional materials, and if you only had a trial account you can ask that your account be deleted which will eliminate all of your data from our anonymized data analytics.
- Objection to use of personal data – You can object being included in marketing or promotional sales lists, and if you only had a trial account you can ask that your account be deleted which will eliminate use of your data from our anonymized data analytics
- Requests to use or port data – During the term of an active trial or subscription account you may retrieve information about matters you have loaded onto our system and download a case information sheet, and you may export dates and deadlines to your Outlook or Google calendar. A reasonable fee may be charged to access information for an inactive account, or if you need assistance porting your data.
- Requests to erase personal data – You can object being included in marketing or promotional sales lists, and if you only had a trial account and represent that you are not relying on any deadlines calculated during your trial, you can ask that your account be deleted. Subscribing accounts can be disabled, but data will not be deleted until all possible statutes of limitations have expired and all potential legal claims by subscriber against LawToolBox are released.
Updated: May 25, 2018
GDPR & Security Questions
Submit Data Service Request