Privacy Policy

We're pretty serious about protecting your information - it's kinda what we do for a living. Here's how we handle your data with the same care we'd use for our own.

Last Updated: November 13, 2025

Quick Navigation

Look, we're not gonna beat around the bush here. When you reach out to us or use our website, we collect certain information. It's pretty standard stuff, but let me break it down for you:

Personal Contact Details

Your name, email address, phone number, company name, and job title. Basically what you'd put on a business card. We need this to actually, you know, get back to you.

Case-Related Information

When you become a client, we'll collect whatever's relevant to your matter - contracts, corporate documents, IP filings, dispute details. This stuff's protected by solicitor-client privilege, which means it's locked down tighter than Fort Knox.

Key Point: We only collect what's necessary for providing legal services. We're not interested in building a dossier on you - we've got enough files to manage already.
Technical Data

Like most websites, we collect IP addresses, browser types, device info, and how you navigate our site. It's mostly for keeping things running smoothly and spotting any security issues.

We're not in the business of selling data or bombarding you with junk. Here's what we actually do with your information:

  • Providing Legal Services: This is the big one. Everything related to representing you, managing your case, drafting documents, handling negotiations - that's why we're here.
  • Communication: Responding to inquiries, sending case updates, scheduling meetings. We won't leave you hanging.
  • Billing & Administration: Invoicing, payment processing, maintaining client records. The less fun but necessary stuff.
  • Legal Obligations: Sometimes we're required to keep records or disclose info by law. It doesn't happen often, but when it does, we'll let you know unless we're legally prevented from doing so.
Key Point: We won't use your information for marketing without explicit consent. If you've signed up for our newsletter or updates, you can opt out anytime - no hard feelings.

As a Canadian law firm, we follow PIPEDA (Personal Information Protection and Electronic Documents Act). Here's what that means for you in plain English:

Access Your Data

You can request to see what personal information we've got on file. We'll provide it within 30 days.

Correct Inaccuracies

Spotted an error? Let us know and we'll fix it. Accurate records matter, especially in legal work.

Withdraw Consent

You can withdraw consent for certain uses of your data. Note: we might still need to keep some info for legal or professional obligations.

Challenge Compliance

If you think we're not handling your data properly, you can file a complaint with us or directly with the Privacy Commissioner of Canada.

Key Point: Your rights don't override our professional obligations as lawyers. Sometimes we're required to keep certain records even if you'd prefer we didn't - it's part of maintaining the integrity of the legal system.

We take security seriously - and given we handle sensitive corporate and IP matters, we kind of have to. Here's what we've got in place:

Technical Safeguards

256-bit SSL encryption for data transmission, encrypted storage systems, multi-factor authentication for all staff accounts, regular security audits, and firewalls that'd make a medieval castle jealous. Our IT infrastructure is designed for law firms handling confidential information.

Physical Security

Our office has controlled access, locked file rooms, secure document destruction protocols, and we don't leave sensitive files lying around. Old school, but it works.

Administrative Controls

Only staff who need access to your information get it. We've got confidentiality agreements with everyone who works here, regular training on data protection, and clear policies about handling client information.

Key Point: Despite our best efforts, no system is 100% bulletproof. If we ever experience a breach that affects your data, we'll notify you promptly and let you know what happened and what we're doing about it.

Yeah, we use cookies. Not the chocolate chip kind, unfortunately. Here's what's going on when you visit our site:

Essential Cookies

These keep the site functioning - things like remembering you're logged into our client portal, maintaining security sessions, and keeping your preferences. Can't really turn these off without breaking stuff.

Analytics Cookies

We use these to understand how people use our site - which pages get visited, where folks are coming from, that kind of thing. It's aggregated and anonymous. Helps us figure out if our website's actually useful or if we need to rethink things.

Managing Cookies

Your browser lets you control cookies. You can block them, delete them, or get notified when they're being set. Just know that blocking certain cookies might make parts of the site not work properly.

Key Point: We don't use advertising cookies or sell your browsing data to third parties. We're a law firm, not a data broker.

We work with a few trusted third parties to keep things running smoothly. Here's who might see your data and why:

  • Cloud Storage Providers: For secure document management and backup. They're bound by strict confidentiality agreements.
  • Payment Processors: For handling invoices and payments. They only see what's necessary for processing transactions.
  • IT Support & Security: Sometimes we need specialists to maintain our systems. They're vetted and under confidentiality obligations.
  • Legal Research Platforms: For accessing case law and legal databases. Your personal info doesn't go here - just research queries.

All our vendors are carefully selected and contractually obligated to protect your information. We don't just hand data over to anyone who asks nicely.

Key Point: We remain responsible for your data even when third parties process it on our behalf. If they mess up, that's on us to fix.

This is where being a law firm makes things different. When you communicate with us about legal matters, those communications are protected by solicitor-client privilege. That's a big deal.

What Privilege Means

Your confidential communications with us can't be disclosed without your permission (with very limited exceptions). This isn't just our policy - it's a fundamental principle of the legal system. We can't and won't waive this protection without your consent.

Secure Communication Channels

We use encrypted email, secure client portals, and other protected channels for sensitive discussions. While email's convenient, it's not perfectly secure - we'll talk about communication preferences when we start working together.

When Privilege Doesn't Apply

General inquiries, billing matters, and administrative stuff aren't typically privileged. Also, if you're asking us to help with something illegal, privilege doesn't protect that. But let's be real, you're not gonna do that.

Key Point: Solicitor-client privilege belongs to you, not us. You can waive it if you want, but we'll always advise you on the implications before that happens.

We can't just delete everything the moment a case closes. Law firms have specific retention obligations, and honestly, you might need those records down the road.

How Long We Keep Files

Active client files are kept indefinitely while we're working together. After a matter closes, we typically retain files for at least 10 years - sometimes longer depending on the type of case and applicable regulations. This protects both you and us if questions come up later.

What Gets Deleted

Marketing communications can be deleted upon request. Website analytics data gets anonymized after a reasonable period. But core client files? Those stick around for the retention period - it's part of our professional responsibility.

Secure Destruction

When retention periods expire, we don't just toss files in the recycling bin. Everything gets securely destroyed - shredding for physical documents, secure wiping for digital files.

Key Point: If you need copies of your files after a matter closes, just ask. We'll get them to you before the retention period expires. Don't wait until the last minute though.

We're based in Canada, and most of our operations stay here. But sometimes data crosses borders - here's when and how that happens:

Cloud Services

Some of our cloud providers use servers in multiple locations, including the US. We only work with providers that offer strong data protection and comply with Canadian privacy laws. All transfers are encrypted and protected.

Cross-Border Matters

If your case involves international elements - say, an IP dispute with a US company or a cross-border merger - we might need to share information with counsel or parties in other jurisdictions. We'll discuss this with you beforehand.

Safeguards

Any international transfers comply with PIPEDA requirements. We use standard contractual clauses, ensure adequate protection levels, and only transfer what's necessary for the specific purpose.

Key Point: Just because data might be stored on US servers doesn't mean US authorities can freely access it. We use Canadian providers or ensure proper safeguards are in place.

Got questions about how we handle your information? Want to exercise your privacy rights? Here's how to reach us:

Contact Our Privacy Officer

Email: counsel@lumarethvoidfront.info