Privacy Policy

Last Updated: [November 7, 2024]

Welcome to the Lexopulus website (the “Site”) and application (the “App” together with the Site, the “Services”). This Privacy Policy explains what Personal Data (defined below) we collect in connection with the Services, how we use and share that data, and your choices concerning our data practices. This policy applies only to information we collect via the Services and in email, text, and other electronic communications sent through or in connection with the Services. Any capitalized terms not otherwise defined in this Privacy Policy have the meaning assigned to them in our Terms of Service.

This policy DOES NOT apply to information that you provide to or is collected by any third party, or which is collected outside of the Services (see “Third-Party Information Collection”).

This Privacy Policy is incorporated into and forms part of our End User License Agreement.

Before using the Services or submitting any Personal Data to Lexopulus, please review this Privacy Policy carefully and contact us at privacy@lexopulus.com if you have any questions. By using the Services, you agree to the practices described in this Privacy Policy as well as authorize Lexopulus, its third parties and service providers to process your Personal Data for the purposes set out below.

If you do not agree to this Privacy Policy, please do not access the Site, the App or otherwise use the Services.

1. Date Controller

Firm Data, Inc. (“we”, “us”, “our”, “Lexopulus”) will be the entity responsible for your data. To ask questions or comment about this privacy policy and our privacy practices, you can contact us at:

Email: privacy@lexopulus.com
Postal Address: Firm Data, Inc.
10911 Raven Ridge Road
Suite 103-53
Raleigh, NC 27614

2. Children

Our Services is not directed to or intended for children who are under the age of 18. Lexopulus does not knowingly collect Personal Data from children under the age of 18. If we learn we have collected or received Personal Data from a child under 18 without verification of parental consent, we will delete that information. If you have reason to believe that a child under the age of 18 has provided Personal Data to Lexopulus through the Services please contact us at privacy@lexopulus.com and we will endeavor to delete that information from our databases. This is in compliance with the Children’s Online Privacy Protection Act and Article 6(1)(c) of the GDPR.

3. Personal Data We Collect

We collect information that alone or in combination with other information in our possession could be used to identify you directly or indirectly (“Personal Data”). For the purposes of this Privacy Policy, Personal Data does not include information normally used to contact an individual at their place of business except as required by applicable privacy and data protection law. Personal Data is collected as follows:

Personal Data You Provide. We collect Personal Data from you when you register an account with us including your name, email address, password and phone number and other similar identifiers. If you are a Clio user, we will collect your Clio UserID and Clio password for authentication and login. We collect and process the Personal Data that you provide when you create and fill out intake forms for potential and current clients using our Services such as client names, contact information and any other information that is included in the intake form.

Automatically Collected Information. When you visit, use, and interact with the Services, to the extent permitted by applicable law, we may receive certain information about your visit, use, or interactions.

For example, in order to assist with troubleshooting and subscription monitoring, we may collect information about your device, operating system, browser, and IP address.

Cookies Data: Please see the “Cookies” section below to learn more about how we use cookies.
Usage Data: We may collect information about how you use our Services, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.
Location Data: We may derive a rough estimate of your location from your IP address.

Cookies: We may use cookies to operate and administer our Site, gather usage data on our Site, and improve your experience on it. A “cookie” is a piece of information sent to your browser by a website you visit. Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the third party placing it) and help recognize your computer when you open your browser and browse the Internet again (persistent cookies). For more details on cookies please visit All About Cookies.

On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings on the most popular browsers:

Unless otherwise allowed by applicable law, we will only collect, use, or communicate your Personal Data with your consent. You are generally not obliged to provide your personal information, however please note that we may be unable to provide some or all of our services to you if you refuse to provide certain personal information.

Do Not Track Signals: Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

Third-Party Information Collection Through the Services: Some features of the Services are served by third parties (“Third-Party Services”). When you use the Services, certain third parties may use automatic information collection technologies to collect information about you or your device. These third parties may include: Clio, if applicable, payment processing providers and cloud storage providers. These Third-Party Services processes your information for the purpose of providing the relevant services which are incorporated into our Services. For example when you make a purchase through the Services, your payment is processed by a third-party payment processor. This payment processor may collect Personal Data about you in connection with your purchase. The Personal Data that we receive from Third-Party Services is covered by this privacy policy, while their processing of your information is covered by their privacy policy. Please see the list of Third-Party Services below.

Clio – Information about Clio’s data practices may be found in its privacy policy available here:
https://www.clio.com/privacy/
LegalServer – Information about LegalServer’s data practices may be found here:
https://www.legalserver.org/privacy/
Stripe – Information about Stripe’s data practices may be found here: https://stripe.com/enit/legal/privacy-center
Amazon Web Services – Information about AWS’s data practices may be found in its privacy policy
available here: https://aws.amazon.com/privacy/

Information about Third Parties. As a user of Third-Party Services, we may get information about you from ThirdParty Services and we may add the information we get from such Third-Party Services, including Personal Data of third parties. You represent and warrant that you will only enter Personal Data if you have the legal authority to do so (including consent where consent is legally required). You represent and warrant that you will practice data minimization principles and only input the limited personal information required for the purpose of using the Third-Party’s Services.

Social Media Pages: We also have pages on social media sites like LinkedIn, Instagram, and Facebook (“Social Media Pages”). The Social Media Pages are operated by the owners of the relevant social media platforms and the collection of information by third parties on the Social Media Pages is governed by the privacy policy of the applicable platform. When you interact with our Social Media Pages, we may also collect, to the extent permitted by applicable law, Personal Data that you elect to provide to us, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.

4. Our Legal Bases For Processing Your Information

When we collect or otherwise process any of your Personal Data, we do so in reliance on the following legal bases:

Your consent. If you have provided us with your consent to process your information for a specific purpose we will do so based on your consent. You may withdraw your consent at any time by following the instructions provided below in the “Your Rights and Choices” section below. Please note that we may be unable to provide some or all of our services to you if you refuse to provide certain Personal Data.
Performance of a Contract with You. When the processing of your Personal Data is necessary in order for us to perform a contract with you, such as the EULA or Terms of Services associated with App or the Site, or when you request that we process your information prior to entering into a contract with you, we will do so on this basis.
Our Legitimate Interests. When we believe the processing of your Personal Data is reasonably necessary in order for us to achieve our legitimate interests in conducting and managing our business and our relationship with you, we will do so on this basis, including the legitimate interest we have in:
- personalizing, enhancing, modifying or otherwise improving the services and/or the communications that we provide to you;
- retaining and engaging you and our other users;
- detecting and preventing fraud and operating a safe and lawful business; and
- improving the security and optimization of our network, sites and services.
When we use your information for our legitimate interests, we take into account any potential impact that such use may have on you by balancing our legitimate interests against your interests, rights and freedoms. We will not use your information if there is a less intrusive way for us to achieve our legitimate interests or if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).
Our Legal Obligations. When we believe that the processing of your information is necessary in order for us to comply with our legal obligations (such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved) we will do so on this basis.
Vital Interests. When we believe that the processing of your information is necessary in order to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person, we will do so on this basis.

5. How We Use Personal Data

We may use Personal Data for the following purposes:

To provide, support and maintain the Services and its contents, and any other information, or services that you request from us.
To provide you with customer support.
To communicate about promotions, upcoming events, and other news about our services with your consent.
To respond to your inquiries, comments, feedback, or questions regarding the Services.
To evaluate potential candidates for employment.
To send administrative information to you, for example, information regarding the Services and changes to our terms, conditions, and policies.
To optimize, develop, and improve the Services.
To respond to you if you contact us.
To fulfill any other purpose for which you provide it.
To analyze how you interact with our Services;
To maintain and improve the Services;
To develop new products and services;
To prevent fraud, criminal activity, or misuses of our Services, and to ensure the security of our IT systems, architecture, and networks; and
To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.
For any reason that we described to you when collecting your Personal Data or for any reason for which you’ve provided us with your consent.
To help maintain the safety, security, and integrity of the Services, our IT systems, architecture, networks, databases and other technology assets.
To protect the rights, interests, and safety of us, you, and any third parties, and to exercise and defend our rights.
To otherwise use with your consent or as required or authorized by applicable law.
To create anonymous, de-identified, or aggregated datasets (“Aggregated Information”). Such datasets would not be “Personal Data” subject to this Privacy Policy. We may use anonymous, de-identified, or aggregated datasets for any purpose. For more information about Aggregation Information see below.

The usage information we collect helps us to improve our Services and to deliver a better and more personalized
experience by enabling us to:

Recognize you when you use the Services.
Estimate our audience size, demographics and usage patterns.
Store your preferences, consents and other user settings locally on your device.
Comply with your consents.
Understand how well Services features are working and whether users are having issues.
Identify and correct software defects.
Prevent fraud and illegal behavior by detecting behavior patterns that indicate such activity.

Aggregated Information: We may aggregate Personal Data and use the aggregated information to analyze the effectiveness of our Services, to improve and add features to our Services, and for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with prospective business partners. We may collect aggregated information through the Services, through cookies, and through other means described in this Privacy Policy.

6. Sharing And Disclosure Of Personal Data

In certain circumstances we may share the categories of Personal Data described above without further notice to you, unless required by the law, with the following categories of third parties:

Vendors and Services Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with vendors and service providers, including providers of hosting services, cloud services, and other information technology services providers, email communication software and email newsletter services, advertising and marketing services, payment processors, customer relationship management and customer support services, and analytics services. Pursuant to our instructions, these parties will access, process, or store Personal Data in the course of performing their duties to us.
Business Transfers: We may disclose your information to our subsidiaries and affiliates. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (collectively a “Transaction”), your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets.
Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with a court order, regulatory request, legal or regulatory proceedings, or other legal obligations, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Services, or the public, or (v) protect against legal liability.
Enforcing our Rights: We may disclose your information as necessary to enforce our rights arising from any contracts entered into between you and use, such as our Terms of Use.
Necessary for Purpose: We may disclose your information as necessary to fulfill the purpose for which you provided it.
With Your Consent: We may disclose your information with your consent.
Other purposes: We may disclose your information for any other purpose disclosed by us and accepted by you when you provide the information, or that are otherwise authorized or required by law.

7. Where, How And How Long We Store Your Information

All information that we collect is stored in the US or Canada. The information of US-based customers is stored in the United States and the information of Canadian-based customers is stored in Canada. We store all Personal Data securely using third-party vendors who implement industry standard security measures. By using the Services, you authorize us to receive, process, transfer, and store your information in and to the United States or Canada, as applicable.

We keep your information only for the length of time reasonably necessary to fulfill the business and legal purposes for which the information was collected. For example, if you have an account with us, we will retain the Personal Data associated with your account for the lifetime of your account and for a reasonable period of time thereafter if necessary. For most types of information our default retention period is 18 months. If applicable laws require us to store your information for a longer period, then we will keep your information for the period required by applicable law.

Cross-border Data Transfers: Where cross-border transfers of data are necessary, we will take reasonable steps to safeguard the privacy of your Personal Data. These steps may include implementing standard contractual clauses where recognized by law, obtaining your consent, or other lawful means of transferring Personal Data. You understand that the other jurisdictions may have data protection rules that are different from those of your
country, and that your information may be accessible to law enforcement and other lawful authorities, in accordance with locally applicable laws.

8. Data Security

We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure by partnering with third parties who use industry standard security measures to protect your information.

Unfortunately, the transmission of information via the internet and mobile platforms is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted through our Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures we provide.

9. Your Rights And Choices

In certain circumstances providing Personal Data is optional. However, if you choose not to provide Personal Data that is needed to use some features of our Services, you may be unable to use those features.

We strive to provide you with choices regarding the Personal Data you provide to us. This section describes mechanisms we provide for you to control certain uses and disclosures of over your information.

Disabling Cookies: You can limit cookie collection by disabling cookies in your browser settings. Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the full functionality of the Site.
- Advertising networks may use cookies to collect Personal Data. Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org and follow the opt-out instructions there.
- If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.
Updating or correcting your information: Please email us at privacy@lexopulus.com if you need to change or correct your Personal Data.
Promotion by us: If you have opted in to receiving email communications from us and you want us to discontinue using your email address to promote our own or third parties’ products or services, you can opt-out by clicking the unsubscribe link at the bottom of our emails and following the instructions provided.
Deleting Your Personal Data: We provide all of our data subjects with the Right to be Forgotten (also known as the Right to the Deletion of your Personal Data ), whether or not you reside or are a citizen of the European Union or the United Kingdom. Please email us at privacy@lexopulus.com if you would like us to delete your Personal Data.

Please note however that the Right to be Forgotten is not an absolute right. The Right to be Forgotten only applies to the following types of Personal Data that are held by us at the time of the request:
- Personal Data that was processed on the basis of consent,
- Personal Data that was processed on the basis of legitimate interests,
- Personal Data processed on a basis other than consent or legitimate interests that is no longer required for the purpose for which it was original collected or processed,
- Personal Data that was processed unlawfully,
- Personal Data that must be deleted in order to comply with a legal obligation, or
- Personal Data of a child.
Third parties: We do not control third parties’ collection or use of your information to serve interestbased advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. For more information about the third parties that collect data through the Services, see the “Third Party Information Collection” section above to understand which
third parties have access to your Personal Data through the Services. You can consult their privacy policies
to see if they offer additional options for limiting collection.

Canadian Residents: If you are a resident of Canada, you may have the following rights regarding your Personal
Data that we hold, subject to any conditions or limitations set out in applicable law:

The right to be informed – You have the right to be informed about our practices as they relate to your Personal Data. We meet this obligation by providing you with this Privacy Policy.
The right to access – You have the right to request Lexopulus provide you with copies of your personal data. These rights are not absolute but subject to limits in applicable law. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Lexopulus update and correct any information you believe is inaccurate. You also have the right to request Lexopulus to complete information you believe is incomplete.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please email us at privacy@lexopulus.com.

Personal Information Rights for California Residents:
Shine the Light. Under California Civil Code Section 1798.83, (the “Shine The Light” law), California residents who use the Services may request and obtain from us, once a year and free of charge, information about categories of Personal Data (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared Personal Data in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

Minors. California residents who have an account with us and who are under 18 years of age have the right to request deletion of any data that such users post on the Services, if any. To request deletion of such data, please contact us using the contact information provided below and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.).

10. Changes To The Privacy Policy

The Services and our business may change from time to time. As a result we may change this Privacy Policy at any time. When we do we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to use our Services or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you by other means if applicable, you consent and agree to the revised Privacy Policy and practices described in it.

11. Contact Us

If you have any questions about our Privacy Policy or information practices, please email us at privacy@lexopulus.com.