Last updated: June 11, 2023
1. Our approach to privacy
Please ensure that you have reviewed and understood our collection, storage, use and disclosure of your personal information.
2. Collection, Use, and Retention of Personal Information
2.1 Personal Information Provided to Us
We collect personal information about you when you voluntarily submit information to us through communications with us or submissions on the Lega Websites. This could include information you provide to use when you register for the Lega WebsitesLega Service, engage with us on social media, attend an event hosted by Lega, Lega Serviceor use any feature or aspect of the Lega Service. We rely on the information you give us to provide you the Lega Service and to respond to your requests. You are responsible for complying with the applicable laws and other obligations for any personal information that you provide under the situations described in this paragraph. If you do not provide personal information when requested, you may not be able to use the Lega Service if that information is necessary to provide you with the service or if we are legally required to collect it.
2.2 Personal Information Received from Other Sources
Lega may receive additional personal information about you from individuals or entities that are subscribers to the Lega Service and in cases in which you are designated a user of the Lega Service either as a contact, collaborator, or in other such capacity and as such terms are used within the Lega Service. In addition, Lega utilizes a number of other services, including payment and delivery services, advertising networks, analytics providers, search information providers, and other services needed to effectively deliver the Lega Service, and may receive information about you from them under the agreements and restrictions you have with them. We may link or combine the personal information we collect and/or receive about you and the information we collect automatically to provide you with a personalized experience. Your privacy settings on the third-party service normally control what they share with us. Make sure you are comfortable with what they share by reviewing their privacy policies and, if necessary, modifying your privacy settings directly on the third-party service.
2.3 How We Use Your Personal Information
Generally, Lega may use your personal information for the following purposes (collectively, the “Business Purposes”):
(a) to provide you with content and the Lega Service and perform related obligations and those specifically identified under the Lega Terms;
(b) to communicate with you and provide updates about the Lega Service;
(c) to support your use of the Lega Service and communicate with you regarding your use or queries;
(d) to administer the Lega Service for internal uses such as data analytics and product testing as well as to improve the Lega Service€(e) to market, measure, and understand the effectiveness of advertising methods that we use;
(f) to develop new services;
(g) to detect, prevent, and investigate security incidents, potential abuse or misuse, and investigate any security alerts;
(h) to comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts, and law enforcement requests; and
(i) for other legitimate business purposes relating to the Lega Service or our legitimate interests.
Lega will only process personal information for the Business Purposes. Lega may use outside services to help us with accomplishing the Business Purpose; a list of software and the types of personal information used in each is available in Exhibit B. Exhibit B also sets out the categories of personal information you provide to us and that we receive from other sources and how we use that information and related details. Lega further will only process your personal information within the legal bounds of the applicable law in your jurisdiction (See Jurisdiction Addendums).
Further information regarding the collection of your information, the types of data, and the primary purposes for collection and use of such data collected, can be seen at Exhibit A.
2.4 Third Party Plugins
We may share personal information with website plugins or similar third-party services to improve your experience, at your direction, or when you intentionally interact with the plug-in. For example, when you use a third-party service to create or log in to your account, we may share your personal information with that third party service.
2.5 Marketing and Advertising
We may periodically contact you electronically with relevant information about the Lega Service and other products and services offered by Lega. We may use personal information we have received under section 2.1 and 2.2 of this policy to determine the most relevant information to share with you. If you don’t want to hear from us, you can do so by letting us know when you first provide your contact information, by emailing us at firstname.lastname@example.org, or by following the subscription-management link in our emails.
2.6 Social Media
2.7 Address and Browser Information
When you access the Lega Websites, we receive information about the IP address making the request, the date and time of such request, the browser and operating request of the device making the request, the requested URL, the referring website from which you made the request, and other data that allows us to serve you the Lega Websites and optimize the Lega Service. Lega may also collect information relating to usage, such as the number and frequency of visitors to the Lega Websites.
2.8 Limitations on Use of Personal Information
2.9 Anonymization and Aggregation of Data
We may anonymize and aggregate any of the personal information we collect (so that it does not identify you). We may use anonymized information for purposes that include testing our IT systems, internal research and data analysis, improving the Lega Service, and developing new products and features.
2.10 Retention of your Information
We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the Business Purposes, satisfying any legal or reporting requirements, and any other required retention policies. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and the applicable legal and contractual requirements. When the purpose of the data processing has been fulfilled, your personal information will be deleted in accordance with our data retention policy and the Lega Terms, unless we are legally required to retain it. In some circumstances we may anonymize your personal data (so that it can no longer be associated with a user) for purposes that include testing our IT systems, internal research and data analysis, improving the Lega Services, and developing new products and features. Please note that in the course of providing the Lega Service, aggregated, anonymized, or de-personalized information may be retained indefinitely.
2.11 Sharing of Personal Information
In accordance with the Lega Terms, we may be required to disclose personal information in response to lawful requests by government authorities and legal orders. Please consult the Lega Terms for how we handle such requests. Lega may also disclose such information at your own request, when it’s necessary to enforce the Lega Terms, to detect, prevent, or address fraud, technical, or security issues, and to protect our property or legal rights, or those of other parties.
In accordance with the Lega Terms, we may display personal testimonials of satisfied customers on our site, along with other endorsements. If you wish to update or delete your testimonial, you can contact us at email@example.com.
2.14 Business Transactions
We may disclose personal information to third parties in connection with a business transaction. Personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business. If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on the Lega Websites of any change in ownership that impacts the use of your personal information, as well as any choices you may have regarding your personal information.
3. Storing and Transferring your Personal Information
We use industry standard techniques to protect against unauthorized access of your personally identifiable information. We use Transport Layer Security technology (TLS) in sending your private information. We also ensure that our employees only use the information they need to help you and take measures to protect against unauthorized access to their computers.
3.2 Appropriate Safeguards
Lega will implement, and ensure that its agents, sub-contractors and employees implement, appropriate technical and organizational security measures to ensure a level of security commensurate with the risks associated with the processing, such measures to be appropriate in particular to protect against accidental or unlawful destruction, loss, alteration or unauthorized disclosure of or access to your personal information. Notwithstanding the foregoing measures, because the internet is not a completely secure environment, we cannot guarantee the security of any personal information transmitted to the Lega Service or guarantee that information on the Lega Service may not be accessed, disclosed, altered, and/or destroyed by breach of any of our physical, technical and/or managerial safeguards.
You are responsible for maintaining the secrecy of its unique password and account information, and for controlling access to emails between a user and us, at all times. You should limit access to its computer and/or mobile device and/or browser and sign off after you have finished accessing your account. We are not responsible for the functionality, privacy and/or security measures of any other organization and are not responsible for the practices employed by any websites and/or services linked to and/or from the Lega Service, including the information and/or content contained therein.
3.3 Storage of Information
3.4 International Data Transfers
If you are located in the EEA, the UK or Switzerland, we comply with applicable laws to provide an adequate level of data protection for the transfer of your data to the US. Where applicable law requires a data transfer legal mechanism, we use one or more of the following: EU Standard Contractual Clauses with a data recipient outside the EEA or the UK, verification that the recipient has implemented Binding Corporate Rules, or other legal method available to us under applicable law.
4.1 Types and Purpose of Cookies
- Strictly necessary cookies. These cookies are required for the essential operation of our Service such as to authenticate you and prevent fraudulent use.
- Analytical/performance cookies. These cookies allow us to recognize and count the number of visitors and to see how visitors move around our Service when they are using it. This helps us to improve the way our Service works, for example, by ensuring that you can find information easily.
- Functionality cookies. These cookies are used to recognize you when you return to our Service. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our Service, the pages you have visited and the links you have followed. We will use this information to make our Service and the advertising displayed on it more relevant to your interests. We may also share this information with third parties (listed in Exhibit B) for this purpose.
4.2 Opting Out and Blocking Cookies
If you do not wish to have information about you from your use of the Lega Websites and other websites used for such purposes, you can opt-out of certain advertising platforms using the following consumer choice mechanisms:
- Digital Advertising Alliance (DAA)’s self-regulatory opt-out page
- European Interactive Digital Advertising Alliance (EDAA)’s consumer opt-out page
- Network Advertising Initiative (NAI)’s self-regulatory opt-out page
This does not opt you out of generic and other such served ads. You can also block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including those that are necessary cookies for the use of the Lega Service) you may not be able to access all or parts of the Lega Service.
5.1 Third Party Links
5.2 Changes to this Policy
5.4 Contact us
5.5 Other Items
- Third Party Applications/Websites. We have no control over the privacy practices of websites or applications that we do not own.
- Accessibility. If you are visually impaired, you may access this notice through your browser’s audio reader.
- Other. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us according to the methods above.
Addendum 1: International Jurisdictions
Personal information that you submit through the Services may be transferred to countries other than where you live. We also store personal information locally on the devices you use to access the Services. Your personal information may be transferred to countries that do not have the same data protection laws as the country in which you initially provided the information. The following provisions may apply to you depending on where you are located.
Personal information maintained and processed by our affiliates and third-party service providers in the U.S. and other foreign jurisdictions may be subject to disclosure pursuant to a lawful access request by U.S. or foreign courts or government authorities. We will not provide your information to third parties for marketing purposes without your prior consent.
European Economic Area (EEA) and the United Kingdom (UK)
Addendum 2: GDPR Rights
If you are located in the European Economic Area (“EEA”), the following provisions apply to you, in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “EEA Applicable Law”)
1. Role of Lega
Where Lega is provided personal information in its capacity of providing the Lega Service to its customers or prospective customers, Lega will act as the Processor. The provider will be the Controller of the personal information. Where Lega collects personal information for any of the Business Purposes, which constitute the legitimate interests of Lega, it will be the Controller for purposes of the EEA Applicable Law. Lega will never collect or process any of the special categories of personal information outlined in the EEA Applicable Law.
2. Duties of the Processor
Lega, when acting as a Processor (as defined in the EEA Applicable Law) agrees to process personal information only on instruction of the Controller (defined in the EEA Applicable Law). Engagement with the Lega Service will constitute approval of processing. Lega agrees that it will delete all personal information upon the termination of services or return the data to the controller upon request.
3. Sub-Processors of Personal Information
Lega, when acting as a Processor, may use sub-processors to manage and store your personal information. The Controller affirmatively consents to any sub-processing necessary for normal business operations by their continued use of the Lega Service. The Processor will remain fully liable to the Controller for any failure by a sub-processor to fulfill its obligations in relation to the processing of any personal information.
4. Confidentiality of Personal Information
In cases in which Lega acts as a Processor as defined in the EEA Applicable Law, and generally, Lega will ensure that its employees, agents, and sub-contractors take reasonable steps to ensure the reliability of any employee, agent or contractor who may have access to the personal information, ensuring in each case that access is strictly limited to those individuals who need to access the relevant personal information, as strictly necessary to the Lega Service in the context of that individual’s duties to Lega.
5. International Transfers of your Personal Information
The personal information we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations. If you are located in the EEA, your personal information may be processed outside of the EEA including in the United States; these international transfers of your personal information are made pursuant to appropriate safeguards, and, we will take suitable steps to ensure that your personal information is treated just as safely and securely as it would be within the EEA and under the Applicable Law. Such measures will include having Data Processing Agreements with applicable sub-processors and ensuring that such sub-processors have adequate security and data protection procedures in place aligned with the applicable law. If you have questions about these safeguards, please contact us using the details set out in section 6.4.
6. Rights of the Data Subject
As a data subject, you have the following rights in respect of your personal information that we hold, including in our partner services:
- Right of Access and Portability. To obtain access to your personal information along with certain information, and to receive that personal information in a commonly used format and to have it ported to another data controller.
- Right to Rectification. To obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete.
- Right to Erasure. To obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed.
- Right to Restriction. To obtain the restriction of the processing undertaken by us on your personal information in certain circumstances, such as where the accuracy of the personal information is contested by you or the sale of your personal information for a period enabling us to verify the accuracy of that personal information.
- Right to Object. To object, on grounds relating to your particular situation, to the processing of your personal information, and to object to the processing of your personal information for direct marketing purposes, to the extent it is related to such direct marketing.
- Right to Non-Discrimination. To non-discrimination for exercising your rights as outlined in this policy. This includes denying you goods or services, charging you different prices for similar services, or providing a different level or quality of service.
7. Exercise of Rights
Addendum 3: United States
If you are a California resident, the following provisions apply to you, in accordance with the provisions of the California Consumer Privacy Act (“CCPA”) and other applicable provisions of the California Civil Code (namely, section 1798) (together, the “California Applicable Law”), California residents are entitled to certain additional rights as identified in this section.
We collect personal information as outlined in Exhibits A and B. We process, retain, use, and disclose only as necessary to provide the services under the Lega Terms and for the Business Purposes. We do not sell your personal information; and will not sell your personal information without providing you the ability to opt out. Please note that we do use third-party cookies for our advertising purposes as further described above.
A California resident (as defined in the California Applicable Law) has the right to request a list of the categories of personal information collected, a copy of the specific personal information compiled about them, and the deletion of said information. Such a request may be made twice in a given 12-month period. To make such a request, please contact Lega at firstname.lastname@example.org or by mail at Lega Inc., 8 The Green, STE B, Dover, Delaware, 19901. Additional information may be required for identity verification purposes. Lega will not discriminate against California residents who make such a request.
Other California Privacy Rights. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, see Contact Information above.
During the past 12 months we have collected the categories of information listed in Exhibit A about California residents from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties. This includes information about Website visitors, registered users, employees, vendors, suppliers and any other person interacting with us either online or offline. Not all information is collected about individuals. For instance, we may collect different information from applicants for employment than from customers.
This notice is provided to you pursuant to state law. Nevada state privacy laws permit us to make marketing calls to existing customers, but if you prefer not to receive marketing calls, you may be placed on our internal opt-out list by emailing us at email@example.com or you may also contact the Nevada Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Ste 3900, Las Vegas, NV 89101; telephone 702-486-3132; email: AGCinfo@ag.nv.gov.
If you have a complaint, first contact us by emailing us at firstname.lastname@example.org. If you still have an unresolved complaint regarding the company’s money transmission or currency exchange activity, please direct your complaint to the Texas Department of Banking: 2601 North Lamar Boulevard, Austin, TX 78705-4294; 1-877-276-5554 (toll free); www.dob.texas.gov.
In accordance with Vermont law, we will not share information we collect about you with companies outside of Lega except as required or permitted by law. For example, we may share information to service your accounts, complete requested transactions, or to provide rewards or benefits to which you are entitled.
Information Collected and its Primary Purpose for Collection and Use
CCPA Categorization & Types of Data
Primary Purpose for Collection and Use of Data
Identifiers – this may include name, postal address, phone number, unique personal identifier, online identifier, internet protocol (IP) address, device ID, email address, account name, signature, bar association membership number and related details and other similar identifiers.
We collect information you provide to us to create an account, specifically email address, first & last name, and company information. We also use this information to operate, maintain, and offer the Lega Services.
We have a legitimate interest in providing account related functionalities to our Customers, monitoring account logins, and detecting potential fraudulent logins or account misuse. Additionally, we use this information to fulfill our contract to provide you with Lega Services and for our legitimate interests, including marketing purposes and communications with you relating to your inquiries.
Financial information – this may include bank account number, credit or debit card number, or other financial information.
We collect information from you provide to us in order to facilitate your payment for our Lega Service. Payment information will be securely transmitted via our payment processor.
We have a legitimate interest in providing account related financial functionalities to our Customers. Additionally, we use this information to fulfill our contract to provide you with Lega Service.
Commercial information – this may include information about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
We use technology to monitor how you interact with our Lega Service. This may include: IP addresses, preferences, web pages you visited prior to using our Lega Service, information about your browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), information about how you interact with the Lega Service (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times, and problems you may encounter, such as loading errors).
We have a legitimate interest in understanding how you interact with our Websites and Lega Service to better improve it, and to understand your preferences and interests to select offerings that you might find most useful. We also have a legitimate interest in detecting and preventing fraud.
Network activity data – this may include internet or other electronic network activity information, such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement.
We participate in behavior-based advertising, this means that a third party uses technology (e.g., a cookie) to collect information about your use of our Websites and Lega Service so that they can provide advertising about products and services tailored to your interests on our Websites, Lega Service or on other websites.
We have a legitimate interest in engaging in behavior-based advertising and capturing website analytics.
Geolocation data – this may include precise physical location.
When you use the Lega Services we collect your location from the GPS, Wi-Fi, and/or cellular technology in your device to determine your location to provide the Lega Service.
We have a legitimate interest in understanding our Customers and providing tailored services. In some contexts, our use is also based upon your consent to provide us with geo location information.
Professional/ employment information – this may include occupation and professional references.
If you apply for a job posting, or become an employee, we collect information necessary to process your application or to retain you as an employee. This may include, among other things, your Social Security Number. Providing this information is required for employment. We use information about current employees to perform our contract of employment, or the anticipation of a contract of employment with you. In some contexts, we are also required by law to collect information about our employees.
We also have a legitimate interest in using your information to have efficient staffing and workforce operations.
Information in this category may be disclosed to government entities and other service providers.
Education information – such as information contained in education records.
If you apply for a job posting, become an employee, take part in a survey, or provide education information to join a webinar or similar activity, your education information may be required.
We have a legitimate interest in using your information to verify your qualifications to approve your participation in the relevant business need.
Information in this category may be disclosed to bar associations, government entities and other service providers.
Lega uses Microsoft Azure as our cloud-based data storage and hosting provider. Azure’s current data processing and data protection is viewable here: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA
Lega uses the Betty Blocks platform to deploy and host the Lega Service. CCPA categories of information include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is Betty Blocks B.V., Address: Pettermerstraat 7, 1823 CW, Alkmaar, The Netherlands, Contact: www.bettyblocks.com/office-contacts. Because the Betty Blocks platform hosts the Lega Service, Betty Blocks is sub-processor of all data that Lega processes through Lega Service itself. For more information on Betty Blocks’s privacy practices, please visit: https://www.bettyblocks.com/privacy-policy.
Lega uses Calendly to allow customers to schedule calls with our team. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: Calendly, LLC. BB&T Tower. 271 17th St NW, Atlanta, GA, 30363, USA. Personally identifiable information, including name, email address, phone number and other requested data is submitted to Calendly’s servers and saved there when a user chooses to schedule a call with Lega using a form hosted by Calendly. Other information, including IP address, browser & OS version, and timestamps, is submitted to Calendly when a user loads the form or a confirmation email sent by Calendly. The analyses of your action to schedule a call through Calendly is transferred to us in the form of reports. Calendly may give any of your information to further parties where legally required to do so, or these parties are contracted to by Calendly. You can find further information about Calendly’s data processing and data protection at: https://calendly.com/pages/security
Lega uses ClickUP as our internal productivity software. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: 363 Fifth Ave. Suite 300, San Diego, CA 92101, USA. In order to facilitate providing the Lega Service to you, we may use your name, email, phone, and account ID in ClickUP and this information will be stored on their servers. You may find further information about ClickUp’s data processing and data protection here: https://clickup.com/dpa
Lega uses Dropbox Sign (formerly known as HelloSign) to electronically request and add legally binding signatures to documents. Personally identifiable information such as name and email will be used by HelloSign should we need to send you a contract to sign. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: JN PROJECTS Inc.1800 Owens Street, San Francisco, CA 94158, USA. You can find further information about HelloSign’s data processing and data protection at: https://www.hellosign.com/privacy
Lega uses Hubspot for our marketing and sales activities to communicate with our prospects and customers. Personally identifiable information, including name, email address, phone number and location & country is submitted to Hubspot’s servers and saved there when a user engages with the Lega Service. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: Hubspot, 1 Harbour Pl, Suite 175. Portsmouth, NH 03801, USA. You can find further information about Intercom’s data processing and data protection at: https://legal.hubspot.com/dpa
Lega uses Intercom to communicate with our prospects and customers and to manage information about our customers and leads. Personally identifiable information, including name, email address, phone number and location & country is submitted to Intercom’s servers and saved there when a user engages with the Lega Service. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen’s Green, Dublin 2, Republic of Ireland. You can find further information about Intercom’s data processing and data protection at: https://www.intercom.com/terms-and-policies#privacy.
Lega uses Invoice Ninja to process payments for our existing customers and others that have engaged Lega. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: Invoice Ninja, 14799 Soaring Eagle Ct, Fort Myers, FL 33912, USA. If you sign up to a paid Lega subscription, the following data will be sent to Invoice Ninja, and saved by them: your name and email address, details of your payment method (credit card number, expiry date, CVC), your IP address, and the time and date of your transaction. You may find further information about Invoice Ninja’s data processing and data protection here: https://www.invoiceninja.com/privacy-policy/
Lega uses LinkedIn to share content on social media. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation, and potentially, Inferences about personal preferences and attributes drawn from profiling, Internet activity. The responsible entity for LinkedIn is: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If the user is logged into a LinkedIn account (even if it is not their own account) at the same time that they access the Lega website, LinkedIn will additionally receive a notification that they have visited Lega’s website. LinkedIn collects this information, so it is possible that it could associate it with the LinkedIn account. To prevent this, log out of LinkedIn accounts prior to visiting the Lega website. You may find further information about LinkedIn’s data processing and data protection here: https://www.linkedin.com/legal/privacy-policy
Lega uses Mailchimp as a group email provider to provide a platform for users who subscribe to the service. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation. The responsible entity is: Intuit Inc. You can find further information about Mailchimp’s data processing and data protection here: https://www.intuit.com/privacy/statement/.
Lega uses Microsoft’s 365 for Business suite as its solution for email, calendars, certain storage, etc. You can find further information about Microsoft’s data processing and data protection here: https://privacy.microsoft.com/en-us/privacystatement.
Lega uses Slack, a communications platform, for internal and external communications with employees and contractors. The responsible entity is: Slack Technologies, Inc., USA. You can find further information about Slack’s data processing and data protection here: https://slack.com/intl/en-gb/terms-of-service/data-processing
Lega uses Stripe to process payments for some of our existing customers and provide billing information to these customers. The responsible entity is: Stripe, Inc, 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. If you sign up for an Lega subscription, the following data will be sent to Stripe, and saved by them: your name and email address, details of your payment method (credit card number, expiry date, CVC), your IP address, and the time and date of your transaction. You may find further information about Stripe’s data processing and data protection here: https://stripe.com/us/privacy
Lega uses Twitter to share content on social media. CCPA categories of information collected include: Identifiers, Internet/electronic activity, Geolocation, and potentially, Inferences about personal preferences and attributes drawn from profiling, Internet activity. The responsible entity is: Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When a user clicks the Twitter button, Twitter will be contacted, and user data will be transferred from Lega to Twitter. Twitter will receive through this the information that the user has visited Lega’s website. If the user is logged into a Twitter account (even if it is not their own account) at the same time that they access the Lega website, Twitter will receive a notification that they have visited Lega’s website. Twitter collects this information, so it’s possible that it could associate it with the Twitter account. To prevent this, log out of Twitter accounts prior to visiting the Lega website. For further information relating to data protection and Twitter, please see: https://twitter.com/en/privacy