Privacy Policy

Privacy Policy

Privacy Policy

Privacy Policy

Last updated February 28, 2025

Legora respects your privacy and is committed to securing and protecting any information we have about you. This policy (the “Privacy Policy”) covers our treatment of personal data about you whenever you access or use Legora products, services, features and technologies, including Legora’s website (the “Site”), platform and plug-ins exchanging information with Legora (“Services”). The Privacy Policy also covers other interactions you have with Legora and describes your rights and how you can exercise them. The Site and Services are collectively referred to as “Online Services”. 

You accept this Privacy Policy by using the Online Services. If you have any questions or concerns about the Privacy Policy, please contact us.

1

Roles and responsibility

1

Roles and responsibility

1

Roles and responsibility

Legora’s Services are offered to companies and/or other legal entities for professional use (our “Subscribers”). Our Subscriber agreements govern the delivery and use of the Services (“Subscriber Agreements”). 

This Privacy Policy applies when Legora is the data controller responsible for processing personal data. It does not apply to any input submitted to, output generated by, or documents uploaded to our Services (“Content”). We process Content as a data processor on behalf of our Subscribers (the data controllers), and our processing of Content is governed by the relevant Subscriber Agreement. Any queries related to data that can be used to identify you (“personal data”) included in Content should be directed to our Subscribers. If we receive any rights requests concerning instances where we act as data processor, we will forward them to the relevant Subscriber.

Legora may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy only applies to legora.com, leya.law, app.legora.com and app.leya.law, and not to other websites accessible from Legora or websites that you use to access Legora.

2

What information does Legora collect

2

What information does Legora collect

2

What information does Legora collect

2.1

Information you provide to us

We collect personal data provided to us if you create an account to use our Services or communicate with us as follows:

User account information: We require everyone with access to our Services to have an account with us. When you or your employer creates a Legora account for you, we collect personal data including your name, email address, role, language preferences and account credentials.

Communication information: When you contact us for customer support, feedback, or inquiries, we collect your name, email address, phone number, and any other information you provide us with to assist you or resolve your issue. Legora may monitor and record phone conversations or email communications between you and Legora employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.

Social media information: We have accounts on social media sites like LinkedIn, YouTube and X (“Social Media”). When you interact with our Social Media, we will collect personal data that you elect to provide to us, such as your contact details and third parties that host our Social Media may provide us with aggregate information and analytics regarding your use of our Social Media. 

Survey and contest information: We may provide you the opportunity to participate in surveys on our Site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys or contests is completely voluntary, and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.

Testimonial and review information: We may display personal testimonials or reviews from satisfied users if you have consented to it. If you wish to update or delete your testimonial or review, you can contact us.

2.1

Information you provide to us

We collect personal data provided to us if you create an account to use our Services or communicate with us as follows:

User account information: We require everyone with access to our Services to have an account with us. When you or your employer creates a Legora account for you, we collect personal data including your name, email address, role, language preferences and account credentials.

Communication information: When you contact us for customer support, feedback, or inquiries, we collect your name, email address, phone number, and any other information you provide us with to assist you or resolve your issue. Legora may monitor and record phone conversations or email communications between you and Legora employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.

Social media information: We have accounts on social media sites like LinkedIn, YouTube and X (“Social Media”). When you interact with our Social Media, we will collect personal data that you elect to provide to us, such as your contact details and third parties that host our Social Media may provide us with aggregate information and analytics regarding your use of our Social Media. 

Survey and contest information: We may provide you the opportunity to participate in surveys on our Site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys or contests is completely voluntary, and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.

Testimonial and review information: We may display personal testimonials or reviews from satisfied users if you have consented to it. If you wish to update or delete your testimonial or review, you can contact us.

2.1

Information you provide to us

We collect personal data provided to us if you create an account to use our Services or communicate with us as follows:

User account information: We require everyone with access to our Services to have an account with us. When you or your employer creates a Legora account for you, we collect personal data including your name, email address, role, language preferences and account credentials.

Communication information: When you contact us for customer support, feedback, or inquiries, we collect your name, email address, phone number, and any other information you provide us with to assist you or resolve your issue. Legora may monitor and record phone conversations or email communications between you and Legora employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.

Social media information: We have accounts on social media sites like LinkedIn, YouTube and X (“Social Media”). When you interact with our Social Media, we will collect personal data that you elect to provide to us, such as your contact details and third parties that host our Social Media may provide us with aggregate information and analytics regarding your use of our Social Media. 

Survey and contest information: We may provide you the opportunity to participate in surveys on our Site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys or contests is completely voluntary, and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.

Testimonial and review information: We may display personal testimonials or reviews from satisfied users if you have consented to it. If you wish to update or delete your testimonial or review, you can contact us.

2.2

Information we automatically collect

When you visit, use, and interact with our Services, we will collect certain information about your visit, use, or interactions (“Technical Information”) indirectly, including through automated means from your computer or device, including the following:

Log data: Whenever you visit the Online Services, your browser will automatically send us your IP address, browser type and settings, the date and time of your request, and how you interacted with the Online Services.

Device information: We will automatically collect information about the device you are using to access the Online Services, including name of the device, operating system, browser, referring/exit pages, operating systems, date/time stamps, and clickstream data. The information collected may depend on the type of device you use and its settings.

Usage data: We will automatically collect information about your use of our Services, including, name, email address, the features you use, actions you take, your time zone, location, the dates and times of access, amount of time spent within the Services and types and volumes of queries you submit. We will however never collect or store any data directly related to your Content other than in accordance with the applicable Subscriber Agreement.

Cookies: A cookie is a small string of information that websites you visit transfer to your computer for identification purposes. Cookies can be used to follow your activity on the website and that information helps us to understand your preferences and improve your website experience. Cookies are also used for such activities as remembering your access credentials for our Services. In addition to the cookies used by Legora and our service providers, some cookies are placed by third parties such as Google (for analytics, described below). Legora uses cookies for the following purposes:


  • Essential Cookies: these are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. 

  • Performance and Analytics Cookies: these include Google Analytics and they keep track of the pages that you visit on our Site and the content you access, so we can determine which content is most popular and improve the performance of our website. These cookies primarily record aggregate and anonymous statistical data, but may capture a minimal amount of identifiable information.

  • Functional Cookies: these cookies remember the choices you make, such as language options or the region you are in. They help to make your visit more personal and are deleted automatically when you close your browser or the session expires.

You can turn off all cookies, in case you prefer not to receive them. You can also have your computer warn you whenever cookies are being used. For both options, you must adjust your browser settings (such as Chrome, Safari, Firefox, Edge, or other browser). There are also software products available that can manage cookies for you. Please be aware, however, that when you choose to reject cookies you may limit the features and functionality of our Services.

2.2

Information we automatically collect

When you visit, use, and interact with our Services, we will collect certain information about your visit, use, or interactions (“Technical Information”) indirectly, including through automated means from your computer or device, including the following:

Log data: Whenever you visit the Online Services, your browser will automatically send us your IP address, browser type and settings, the date and time of your request, and how you interacted with the Online Services.

Device information: We will automatically collect information about the device you are using to access the Online Services, including name of the device, operating system, browser, referring/exit pages, operating systems, date/time stamps, and clickstream data. The information collected may depend on the type of device you use and its settings.

Usage data: We will automatically collect information about your use of our Services, including, name, email address, the features you use, actions you take, your time zone, location, the dates and times of access, amount of time spent within the Services and types and volumes of queries you submit. We will however never collect or store any data directly related to your Content other than in accordance with the applicable Subscriber Agreement.

Cookies: A cookie is a small string of information that websites you visit transfer to your computer for identification purposes. Cookies can be used to follow your activity on the website and that information helps us to understand your preferences and improve your website experience. Cookies are also used for such activities as remembering your access credentials for our Services. In addition to the cookies used by Legora and our service providers, some cookies are placed by third parties such as Google (for analytics, described below). Legora uses cookies for the following purposes:


  • Essential Cookies: these are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. 

  • Performance and Analytics Cookies: these include Google Analytics and they keep track of the pages that you visit on our Site and the content you access, so we can determine which content is most popular and improve the performance of our website. These cookies primarily record aggregate and anonymous statistical data, but may capture a minimal amount of identifiable information.

  • Functional Cookies: these cookies remember the choices you make, such as language options or the region you are in. They help to make your visit more personal and are deleted automatically when you close your browser or the session expires.

You can turn off all cookies, in case you prefer not to receive them. You can also have your computer warn you whenever cookies are being used. For both options, you must adjust your browser settings (such as Chrome, Safari, Firefox, Edge, or other browser). There are also software products available that can manage cookies for you. Please be aware, however, that when you choose to reject cookies you may limit the features and functionality of our Services.

2.2

Information we automatically collect

When you visit, use, and interact with our Services, we will collect certain information about your visit, use, or interactions (“Technical Information”) indirectly, including through automated means from your computer or device, including the following:

Log data: Whenever you visit the Online Services, your browser will automatically send us your IP address, browser type and settings, the date and time of your request, and how you interacted with the Online Services.

Device information: We will automatically collect information about the device you are using to access the Online Services, including name of the device, operating system, browser, referring/exit pages, operating systems, date/time stamps, and clickstream data. The information collected may depend on the type of device you use and its settings.

Usage data: We will automatically collect information about your use of our Services, including, name, email address, the features you use, actions you take, your time zone, location, the dates and times of access, amount of time spent within the Services and types and volumes of queries you submit. We will however never collect or store any data directly related to your Content other than in accordance with the applicable Subscriber Agreement.

Cookies: A cookie is a small string of information that websites you visit transfer to your computer for identification purposes. Cookies can be used to follow your activity on the website and that information helps us to understand your preferences and improve your website experience. Cookies are also used for such activities as remembering your access credentials for our Services. In addition to the cookies used by Legora and our service providers, some cookies are placed by third parties such as Google (for analytics, described below). Legora uses cookies for the following purposes:


  • Essential Cookies: these are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. 

  • Performance and Analytics Cookies: these include Google Analytics and they keep track of the pages that you visit on our Site and the content you access, so we can determine which content is most popular and improve the performance of our website. These cookies primarily record aggregate and anonymous statistical data, but may capture a minimal amount of identifiable information.

  • Functional Cookies: these cookies remember the choices you make, such as language options or the region you are in. They help to make your visit more personal and are deleted automatically when you close your browser or the session expires.

You can turn off all cookies, in case you prefer not to receive them. You can also have your computer warn you whenever cookies are being used. For both options, you must adjust your browser settings (such as Chrome, Safari, Firefox, Edge, or other browser). There are also software products available that can manage cookies for you. Please be aware, however, that when you choose to reject cookies you may limit the features and functionality of our Services.

2.3

Information collected from third parties

We may collect information about you from third parties, such as security partners, marketing vendors and event organizers. Our Subscribers may give us information about you, such as your contact details, in order to facilitate us providing our Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.

2.3

Information collected from third parties

We may collect information about you from third parties, such as security partners, marketing vendors and event organizers. Our Subscribers may give us information about you, such as your contact details, in order to facilitate us providing our Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.

2.3

Information collected from third parties

We may collect information about you from third parties, such as security partners, marketing vendors and event organizers. Our Subscribers may give us information about you, such as your contact details, in order to facilitate us providing our Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.

2.4

Publicly available information

We provide access to publicly available information (for example, judgments and decisions) within our Services. Some of this information may relate to individuals and can, in some jurisdictions, be considered personal data. Personal data included in publicly available information is only processed so that our Services can provide more accurate and relevant responses. It is not provided to intentionally identify individuals.

Legora also collects publicly available information about Subscribers and prospects, including name, email address, phone number and other contact details.

2.4

Publicly available information

We provide access to publicly available information (for example, judgments and decisions) within our Services. Some of this information may relate to individuals and can, in some jurisdictions, be considered personal data. Personal data included in publicly available information is only processed so that our Services can provide more accurate and relevant responses. It is not provided to intentionally identify individuals.

Legora also collects publicly available information about Subscribers and prospects, including name, email address, phone number and other contact details.

2.4

Publicly available information

We provide access to publicly available information (for example, judgments and decisions) within our Services. Some of this information may relate to individuals and can, in some jurisdictions, be considered personal data. Personal data included in publicly available information is only processed so that our Services can provide more accurate and relevant responses. It is not provided to intentionally identify individuals.

Legora also collects publicly available information about Subscribers and prospects, including name, email address, phone number and other contact details.

2.5

Aggregated information

Legora may aggregate personal data and use the aggregated information to analyze the effectiveness of our Services, improve and add features to our Services. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with third parties, publish such aggregated information or make such aggregated information generally available. We may collect aggregated information through the Services, through cookies, and through other means described in this Privacy Policy.

2.5

Aggregated information

Legora may aggregate personal data and use the aggregated information to analyze the effectiveness of our Services, improve and add features to our Services. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with third parties, publish such aggregated information or make such aggregated information generally available. We may collect aggregated information through the Services, through cookies, and through other means described in this Privacy Policy.

2.5

Aggregated information

Legora may aggregate personal data and use the aggregated information to analyze the effectiveness of our Services, improve and add features to our Services. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with third parties, publish such aggregated information or make such aggregated information generally available. We may collect aggregated information through the Services, through cookies, and through other means described in this Privacy Policy.

3

How we use your personal data

3

How we use your personal data

3

How we use your personal data

Legora may use your personal data for the following purposes:

  • to provide, administer, maintain, and/or improve our Services;

  • to provide you with support services, resolve issues or reply to your queries;

  • to manage and remember your preferences and customize the Services;

  • to communicate with you, including to send you information or marketing about our Services and events;

  • to analyze and study the effectiveness of our Services and to develop new features and services;

  • to verify your identity, prevent fraud, criminal activity and to ensure the security of our IT systems, architecture, and networks;

  • to prevent misuse of the Services and enforce our legal terms;

  • to comply with legal obligations and legal processes, and;

  • to protect Legora’s rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

The following disclosures are intended to provide additional information about the categories of Personal Information we collect (as defined above), the type of data, how we use each category of Personal Information. These disclosures do not limit our ability to use or disclose information as described above.

Purpose

Types of personal data

Legal basis

Data retention

To manage our customer relationship with you and/or your employer in accordance with our agreements, for each service you use. This includes creating and sending information to you in electronic format (not marketing)

To manage our customer relationship with you and/or your employer in accordance with our agreements, for each service you use. This includes creating and sending information to you in electronic format (not marketing)

To manage our customer relationship with you and/or your employer in accordance with our agreements, for each service you use. This includes creating and sending information to you in electronic format (not marketing)

From you or your employer:

  • User account information

  • Communication information

From other sources:

  • User account information

  • Log data,

  • Device information,

  • Usage data.

From you or your employer:

  • User account information

  • Communication information

From other sources:

  • User account information

  • Log data,

  • Device information,

  • Usage data.

From you or your employer:

  • User account information

  • Communication information

From other sources:

  • User account information

  • Log data,

  • Device information,

  • Usage data.

The processing is necessary for Legora to perform a contract with you and/or your employer (Article 6(1)(b) GDPR).

The processing is necessary for Legora to perform a contract with you and/or your employer (Article 6(1)(b) GDPR).

The processing is necessary for Legora to perform a contract with you and/or your employer (Article 6(1)(b) GDPR).

When the relevant contracts terminate.

When the relevant contracts terminate.

When the relevant contracts terminate.

To be able to perform end user satisfaction surveys, conduct market research as well as ask for reviews from you, through email, text messages, or via other communication channels.

To be able to perform end user satisfaction surveys, conduct market research as well as ask for reviews from you, through email, text messages, or via other communication channels.

To be able to perform end user satisfaction surveys, conduct market research as well as ask for reviews from you, through email, text messages, or via other communication channels.

From you:

  • Survey and contest information

  • Testimonial and review information

From other sources:

  • Technical Information.

From you:

  • Survey and contest information

  • Testimonial and review information

From other sources:

  • Technical Information.

From you:

  • Survey and contest information

  • Testimonial and review information

From other sources:

  • Technical Information.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to perform the personal data processing, that the processing is necessary to achieve that purpose, and that our interest outweighs your right not to have your data processed for this purpose. 

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to perform the personal data processing, that the processing is necessary to achieve that purpose, and that our interest outweighs your right not to have your data processed for this purpose. 

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to perform the personal data processing, that the processing is necessary to achieve that purpose, and that our interest outweighs your right not to have your data processed for this purpose. 

When the contract between us terminates.

When the contract between us terminates.

When the contract between us terminates.

To ensure network and information security in Legora’s Services.

To ensure network and information security in Legora’s Services.

To ensure network and information security in Legora’s Services.

From you:

  • User account information

From other sources:

  • Technical Information.

From you:

  • User account information

From other sources:

  • Technical Information.

From you:

  • User account information

From other sources:

  • Technical Information.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to ensure network and information security, that the processing is necessary to realize that purpose, and that our interest outweighs your right not to have your data processed for this purpose. It is also in your interest as a user and our Subscriber’s interests that we ensure good information security.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to ensure network and information security, that the processing is necessary to realize that purpose, and that our interest outweighs your right not to have your data processed for this purpose. It is also in your interest as a user and our Subscriber’s interests that we ensure good information security.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to ensure network and information security, that the processing is necessary to realize that purpose, and that our interest outweighs your right not to have your data processed for this purpose. It is also in your interest as a user and our Subscriber’s interests that we ensure good information security.

For as long as you are using the Services.

For as long as you are using the Services.

For as long as you are using the Services.

To perform data analysis for development and improving our Services

To perform data analysis for development and improving our Services

To perform data analysis for development and improving our Services

From you:

  • User account information

From other sources:

  • Technical Information.

From you:

  • User account information

From other sources:

  • Technical Information.

From you:

  • User account information

From other sources:

  • Technical Information.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in using your personal data for product development purposes and in analysing customer behaviour in order to improve the service and customer experience. We ensure that the particular processing this entails is necessary to achieve the purpose in question, and that our interest outweighs your right not to have your data processed for this purpose.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in using your personal data for product development purposes and in analysing customer behaviour in order to improve the service and customer experience. We ensure that the particular processing this entails is necessary to achieve the purpose in question, and that our interest outweighs your right not to have your data processed for this purpose.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in using your personal data for product development purposes and in analysing customer behaviour in order to improve the service and customer experience. We ensure that the particular processing this entails is necessary to achieve the purpose in question, and that our interest outweighs your right not to have your data processed for this purpose.

For as long as you are using the Services.

For as long as you are using the Services.

For as long as you are using the Services.

To calculate usage costs in relation to suppliers and Subscribers (if possible, we first anonymize the data).

To calculate usage costs in relation to suppliers and Subscribers (if possible, we first anonymize the data).

To calculate usage costs in relation to suppliers and Subscribers (if possible, we first anonymize the data).

From other sources:

  • Usage data.

From other sources:

  • Usage data.

From other sources:

  • Usage data.

The processing is necessary for Legora to perform a contract with you and your employer (Article 6(1)(b) GDPR) and based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in calculating costs resulting from your usage of our Services.

The processing is necessary for Legora to perform a contract with you and your employer (Article 6(1)(b) GDPR) and based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in calculating costs resulting from your usage of our Services.

The processing is necessary for Legora to perform a contract with you and your employer (Article 6(1)(b) GDPR) and based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in calculating costs resulting from your usage of our Services.

This processing takes place for up to 6 months after using a Service or longer if required under applicable law or to safeguard Legora’s legal rights.

This processing takes place for up to 6 months after using a Service or longer if required under applicable law or to safeguard Legora’s legal rights.

This processing takes place for up to 6 months after using a Service or longer if required under applicable law or to safeguard Legora’s legal rights.

To check and verify your identity.

To check and verify your identity.

To check and verify your identity.

From you:

  • User account information

From other sources:

  • Technical Information

From you:

  • User account information

From other sources:

  • Technical Information

From you:

  • User account information

From other sources:

  • Technical Information

The processing is necessary for Legora to perform a contract with you and your employer (Article 6(1)(b) GDPR).

The processing is necessary for Legora to perform a contract with you and your employer (Article 6(1)(b) GDPR).

The processing is necessary for Legora to perform a contract with you and your employer (Article 6(1)(b) GDPR).

As long as you use the Services.

As long as you use the Services.

As long as you use the Services.

To share your personal data with the categories of recipients described in Section 4 (suppliers and subcontractors and companies within the Legora Group)

To share your personal data with the categories of recipients described in Section 4 (suppliers and subcontractors and companies within the Legora Group)

To share your personal data with the categories of recipients described in Section 4 (suppliers and subcontractors and companies within the Legora Group)

All types mentioned in section 2.

All types mentioned in section 2.

All types mentioned in section 2.

Varies depending on the recipient (see Section 4).

Varies depending on the recipient (see Section 4).

Varies depending on the recipient (see Section 4).

For the entire period during which Legora must retain the data in its systems, for example, to fulfil the agreement with your employer or to comply with applicable law.

For the entire period during which Legora must retain the data in its systems, for example, to fulfil the agreement with your employer or to comply with applicable law.

For the entire period during which Legora must retain the data in its systems, for example, to fulfil the agreement with your employer or to comply with applicable law.

To decide what kind of marketing or marketing surveys we will provide to you. If you do not want us to perform this processing of your personal data, please contact us. We will then cease to use your data for marketing. The processing may constitute profiling.

To decide what kind of marketing or marketing surveys we will provide to you. If you do not want us to perform this processing of your personal data, please contact us. We will then cease to use your data for marketing. The processing may constitute profiling.

To decide what kind of marketing or marketing surveys we will provide to you. If you do not want us to perform this processing of your personal data, please contact us. We will then cease to use your data for marketing. The processing may constitute profiling.

From you:

  • Communication information

  • Social media information

From other sources:

  • Technical Information

From you:

  • Communication information

  • Social media information

From other sources:

  • Technical Information

From you:

  • Communication information

  • Social media information

From other sources:

  • Technical Information

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in identifying which type of marketing we should provide to you. We ensure that the processing this entails is necessary to pursue that interest, and that our interest outweighs your right not to have your information processed for this purpose.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in identifying which type of marketing we should provide to you. We ensure that the processing this entails is necessary to pursue that interest, and that our interest outweighs your right not to have your information processed for this purpose.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in identifying which type of marketing we should provide to you. We ensure that the processing this entails is necessary to pursue that interest, and that our interest outweighs your right not to have your information processed for this purpose.

If you notify us that you are not interested in this processing.

If you notify us that you are not interested in this processing.

If you notify us that you are not interested in this processing.

To provide you with direct marketing and marketing surveys about offers, products or services from Legora, and our affiliates.

To provide you with direct marketing and marketing surveys about offers, products or services from Legora, and our affiliates.

To provide you with direct marketing and marketing surveys about offers, products or services from Legora, and our affiliates.

From you:

  • Communication information

  • Social media information

From other sources:

  • Technical Information

From you:

  • Communication information

  • Social media information

From other sources:

  • Technical Information

From you:

  • Communication information

  • Social media information

From other sources:

  • Technical Information

The processing is based in your consent (Article 6(1) (a) GDPR).

The processing is based in your consent (Article 6(1) (a) GDPR).

The processing is based in your consent (Article 6(1) (a) GDPR).

Either when you notify us that you want to withdraw your consent or if you notify us that you are not interested in this processing/opt-out.

Either when you notify us that you want to withdraw your consent or if you notify us that you are not interested in this processing/opt-out.

Either when you notify us that you want to withdraw your consent or if you notify us that you are not interested in this processing/opt-out.

To protect Legora from legal claims and safeguard Legora’s legal rights.

To protect Legora from legal claims and safeguard Legora’s legal rights.

To protect Legora from legal claims and safeguard Legora’s legal rights.

All types mentioned in Section 2. In the event of a dispute, we may also collect other types of personal data concerning you if we need them to exercise our rights.

All types mentioned in Section 2. In the event of a dispute, we may also collect other types of personal data concerning you if we need them to exercise our rights.

All types mentioned in Section 2. In the event of a dispute, we may also collect other types of personal data concerning you if we need them to exercise our rights.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to protect ourselves from legal claims. We ensure that the processing this entails is necessary to achieve the purpose of the processing, and that our interest outweighs your right not to have your data processed for this purpose.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to protect ourselves from legal claims. We ensure that the processing this entails is necessary to achieve the purpose of the processing, and that our interest outweighs your right not to have your data processed for this purpose.

The processing is based on a balancing of interests (Article 6(1)(f) GDPR). When balancing interests, Legora has determined that we have a legitimate interest in being able to protect ourselves from legal claims. We ensure that the processing this entails is necessary to achieve the purpose of the processing, and that our interest outweighs your right not to have your data processed for this purpose.

This processing takes place for the entire period during which Legora must retain the information in its systems, for example to perform the contract with you and your employer or to comply with applicable law.

This processing takes place for the entire period during which Legora must retain the information in its systems, for example to perform the contract with you and your employer or to comply with applicable law.

This processing takes place for the entire period during which Legora must retain the information in its systems, for example to perform the contract with you and your employer or to comply with applicable law.

4

With whom we share your personal data

4

With whom we share your personal data

4

With whom we share your personal data

In certain circumstances, we may share your Personal Information with third parties without further notice to you, unless legally required, including without limitation in the situations below:

Affiliates: Legora may share your personal data with other entities within the Legora corporate group (our “affiliates”). Legora’s affiliates will only use the personal data we share with them in a manner consistent with this Privacy Policy.

Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share your personal data with vendors and service providers, including providers of hosting services, cloud service providers, and other information technology services providers, event management services, email communication software and email newsletter services, advertising and marketing services, and web analytics services. Pursuant to our instructions, these parties will access, process, or store personal data in the course of performing their duties to us.

Third-party Websites and Services. Our Services may contain links to other websites not operated or controlled by Legora, including social media services (“third-party sites”). The information that you share with third-party sites will be governed by the specific privacy policies and terms of service of the third-party sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the third-party sites directly for information on their privacy practices and policies.

Other users: When you are using the collaboration features within Legora, certain actions you take may be visible to other users of our services.

Plug-Ins. When you are using third party applications and choose to connect your Legora account with such external third-party applications (for example to use our Microsoft Word plug-in) the providers of those services or products may receive information about you from Legora or others. Please be aware that when you use third-party sites or services, their own terms and privacy policies will govern your use of those sites or services. Please contact the supplier of such applications directly for information on their privacy practices and policies.

Business changes: If we are involved in strategic transactions, (such as sale, merger, reorganizations, liquidation, or transition of service to another provider), your personal data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.

Legal Requirements: Legora may also share your personal data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Services, or the public, or (v) protect against legal liability.

5

International transfers

5

International transfers

5

International transfers

Legora always strives to process your personal data as close to you as possible. By using our Online Services however, you understand and acknowledge that your personal information will be transferred from your location to our facilities and servers in the EU/EEA.

In certain situations, such as when we share your information within the Legora corporate group or with a supplier or subcontractor, your personal data may be transferred outside EU/EEA. Legora always ensures that the same high level of protection applies to your personal data according to the relevant data protection laws, even when the data is internationally transferred. Your rights in respect to your personal data (described in detail in section 6), are not affected when data is internationally transferred. You will find more information about the recipients Legora shares your data with in section 4.

Safety measures Legora uses when conducting international transfers

Countries outside of the EU/EEA or your country of residence may have laws that allow public authorities to request access to personal data stored in the country for the purpose of combating crime or safeguarding national security. Regardless of whether we or any of our providers process your personal data, we will ensure that a high level of protection is guaranteed when transferring that data and that appropriate protection measures have been taken, in accordance with applicable data protection requirements (such as the GDPR). 

Such appropriate safeguards include, but are not limited to:

  • Adequacy decisions. If the relevant authority (e.g. the EU Commission) has decided that the country to which your personal data are transferred has an adequate level of protection, which corresponds to the level of protection afforded by the relevant data protection laws. This means for example that the personal data is still protected from unauthorized disclosure, and that you may still exercise your rights with regard to your personal data,

  • Standard Contractual Clauses. The relevant authority’s standard clauses have been entered into between Legora and the recipient of the personal data. This means that the recipient guarantees that the level of protection for your personal data afforded by the relevant data protection laws still applies, and that your rights are still protected. In these cases, we also assess whether there are laws in the recipient country that affects the protection of your personal data. Where necessary, we take technical and organizational measures so that your data remain protected during the transfer to the relevant country.

  • Derogation. In limited circumstances, we may rely on an exception, or ‘derogation’ under the applicable data protection laws, to transfer your personal data to such country despite the absence of an adequacy decision or standard contractual clauses, such as relying on your explicit consent to that transfer or because it is necessary for the establishment, exercise or defence of legal claims (including regulatory, administrative or any out-of-court procedure, and seeking advice).

  • Data Privacy Framework. If the transfer is covered by a relevant data privacy framework, such as the EU-US Data Privacy Framework, which is an opt-in certification scheme for US companies, administered by the US Department of Commerce. Data privacy framework include sets of enforceable principles and requirements that must be certified to company, ensuring that your data is still being sufficiently protected.

6

What are your rights

6

What are your rights

6

What are your rights

You have several rights under the applicable data protection laws (including the GDPR) related to your control over your personal data and to receive information directly from us on how we process personal data about you. In the following you can read about your rights.

Right to information and access. You have the right to be informed of how we process your personal data. We do this through this Privacy Policy (6) and by answering your questions. You can request information regarding whether we are processing your personal data and ask to receive a copy of your personal data (“data extract”), so called data subject access. Through the data extract you will receive information about what personal data Legora holds about you and how we process it.

Right to rectification. If you believe that your personal data is inaccurate or incomplete, you have the right to ask for it to be corrected or completed.

Right to restriction. If you believe that your personal data is inaccurate, that our processing is unlawful or that we do not need the information for a specific purpose, you have the right to request that we restrict the processing of such personal data. You also have the possibility to request that we stop processing your personal data while we assess your request. If you object to our processing per your right described directly below, you may also request us to restrict processing of that personal data while we make our assessment.

Right to object. You have the right to object to the processing of your personal data which is based on our legitimate interest (Article 6(1)(f) GDPR), by referencing your personal circumstances. If we cannot demonstrate compelling and legitimate grounds to continue processing the personal data, we must cease the processing. You can also always object to our processing of your personal data for direct marketing purposes. If you do so, we will turn off marketing for you, and stop sending it to you.

Right to be forgotten. In some cases, you have the right to have us delete personal data about you. For example, you can request us to delete personal data that we (i) no longer need for the purpose it was collected for, or (ii) process based on your consent and you revoke your consent. There are situations where Legora is unable to delete your data, for example, when the data is still necessary to process for the purpose for which the data was collected, Legora’s interest to process the data overrides your interest in having them deleted, or because we have a legal obligation to keep it.

Right to transfer your personal data (data portability). If we process your personal data to fulfill a contract or on the basis of your consent, you may, in certain cases, be able to obtain the personal data for use elsewhere, e.g. by obtaining a copy of it in a machine-readable format and transmitting it to another data controller.

Right to withdraw consent. In those cases where we process your personal data based on your consent, you have the right to withdraw your consent at any time. When you withdraw your consent, we will stop any processing of personal data which is based on your consent.

Right to lodge a complaint. If you have objections or concerns about how we process your personal data, you have the right to contact, or lodge a complaint with, the relevant authority for privacy protection, which is the supervisory authority for our personal data processing.

To exercise your rights, please contact us at any time. We reserve the right to limit our facilitating such requests to that which is required by applicable law.

In order to protect your personal data from unauthorized access or deletion, we may require you to verify your identity before we will process any request to know or delete personal data. If we cannot verify your identity (and, where applicable, proof of residency) to our satisfaction, we will not provide or delete your personal data. You may submit a request to exercise your rights through an authorized agent. Such an agent must present signed written authority to act on your behalf and must be able to verify your identity (and, where applicable, proof of residency) to our satisfaction.

Rest assured that we will not discriminate against you for making any such request. Your right to access and delete your personal data is important to us, and we will take reasonable steps to verify and process your request promptly. 

Please be aware that even if we delete your personal data, certain residual data may still remain in our backups or archives for a limited period in accordance with our data retention policies and applicable laws.

If you have any questions or concerns about this process or our data deletion practices, please feel free to contact us.

7

How do we keep your personal data safe

7

How do we keep your personal data safe

7

How do we keep your personal data safe

We take significant and appropriate steps to protect your personal data in an effort toprevent loss, misuse, and unauthorized access, disclosure, alteration and destruction. We use appropriate technical and organizational measures to protect your personal information which may include: physical access controls, encryption, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. 

For more information regarding our security measures, please view our Security Policy.

8

How long do we store your personal data

8

How long do we store your personal data

8

How long do we store your personal data

Legora retains your personal information for as long as necessary to fulfill the purposes for which we collected it or longer if that is required under applicable law:

  • If you are a Legora user covered by a Subscription Agreement between your employer and Legora, we will delete your data in accordance with that Subscription Agreement.

  • Personal data that Legora is under a legal obligation to retain, for example under anti-money laundering or bookkeeping laws, is retained for the required periods under applicable laws (generally for 5 or 7 years). 

  • Personal data which is not used for the purposes of a contractual relationship or where Legora does not have a legal obligation to retain the data is only retained as long as necessary to fulfil the respective purpose for our data processing (usually 3 months). 

More information can be found in the table in Section 3

In some limited cases, the personal data may need to be stored for a longer period in order for Legora to protect its legal rights. If we don’t have a legal obligation to retain the personal data, we instead have to make an assessment if we may require the personal data in order to protect Legora from legal claims. 

Please note that just because we have a legal obligation to store your personal data, this does not mean that we are also permitted to use this data for any other purpose.

When we no longer need your personal data, we will delete it or anonymize it in accordance with our data retention policies and applicable laws, or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.

9

Updates to this Privacy Policy

9

Updates to this Privacy Policy

9

Updates to this Privacy Policy

We may update this Privacy Policy from time to time. When the Privacy Policy is updated, we will post an updated version on this page, unless another type of notice is required by applicable law or contractual agreement. By continuing to use our Online Services or providing us with personal data after we have posted an updated Privacy Policy, or notified you by other means, you consent to the revised Privacy Policy.

10

Contact us

10

Contact us

10

Contact us

If you have any questions about our Privacy Policy or any other privacy related issue, please contact us at privacy@legora.com or via mail.

Controller’s Contact Information:
Legora AB, 559338-6872
Box 7242
103 89 Stockholm
Sweden