Sample Privacy Policy

by Stephanie Koehler | July 5, 2023

Privacy Policy

[LAW FIRM] has created the following privacy policy statements to demonstrate our commitment to informed disclosure and to accurately communicate our use of your personally identifiable information.

Personally identifiable information—as used in U.S. privacy law and information security— is information that can be used on its own, or with other information, to identify, contact, or locate a single person, or to identify an individual in context.

Personal Information Collection

Websites, blogs, and/or apps provided by [LAW FIRM] use online forms for visitors to request information from, or a consultation with, [LAW FIRM]. When visitors fill out one of these online contact forms, they may be asked to provide certain personally identifiable information—including name, address, email, and phone number. After filling out this form, messages are automatically forwarded to [LAW FIRM] or its representatives, and contact information is saved in a database.

Privacy Policy for SMS Texting Service

At [LAW FIRM], we are committed to protecting your privacy and ensuring compliance with applicable laws and regulations. This Privacy Policy governs the collection, use, and disclosure of personal information through our SMS texting service. Please read this policy carefully to understand our practices regarding your privacy. By using our SMS texting service, you consent to the terms of this Privacy Policy.

What information do we collect from you?

  • Personal Information: We may collect personal information from you when you provide it voluntarily, such as your phone number, name, and any other information you choose to provide during the opt-in process.
  • Consent Records: We keep records of the consent obtained to demonstrate compliance with applicable regulations. These records may include the method of consent, date and time, and any relevant information related to the consent process.

Types of Messages and Consent

  • Transactional Messages: Transactional SMS messages are designed to provide important information or updates about a specific transaction or existing relationship. These messages do not require written consent, and consent can be implied based on an existing business relationship or given verbally during a phone call. We ensure that our transactional messages are relevant to your relationship with us and provide value. An easy opt-out option is always included for recipients to unsubscribe from these messages.
  • Promotional Messages: Promotional SMS messages aim to promote our products, services, or events for marketing purposes. Before sending promotional messages, we require explicit and written consent from you. This consent can be obtained through a web form checkbox, signed agreement, or electronic opt-in process. A consent statement on a web form can also collect implied consent. We make sure to clearly explain the type of messages you can expect to receive, the frequency of messages, and how to opt-out.

When do we collect information?

We collect information when you fill out a form, visit the site, sign up for our newsletter, respond to a survey or marketing communication, or use certain other site features. We may collect non-personal information, such as a domain name and IP address.

The domain name and IP address reveal nothing personal about you other than the IP address from which you have accessed our site. We may also collect information about the type of Internet browser you are using, your operating system, what brought you to our website, as well as which of our web pages you have accessed.

How do we use your information?

We may use the information we collect to improve or personalize your browsing experience, and to allow us to deliver the type of content and product offerings in which you are most interested. We may contact you via e-mail in the future to tell you about specials, new products or services, or changes to this privacy policy.

How do we protect visitor information?

We follow generally accepted industry standards to protect all information submitted to us during transmission and once we receive it.

If we collect sensitive information (such as credit card data), that information is encrypted and securely transmitted to us. You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for “HTTPS” at the beginning of the web page address.

We do not use vulnerability scanning, scanning to PCI standards, or SSL authentication. Any website, blog, or app we provide is provided for informational purposes only, and we never ask for personal or private information. Any information sent to us through the Internet, apps, or in an email is neither secure nor confidential and is sent at your own risk.

Use of Browser Cookies 

Cookies are small files that a site or its service provider transfer to visitors’ computer hard drives through their web browsers that enable the site’s or service provider’s systems to recognize users’ browsers and capture and remember certain information.

Websites, blogs, and apps provided by [LAW FIRM] use cookies to collect certain information about visitors, even when they aren’t logged in. We may record the following:

  • IP address
  • URLs of websites and pages visited
  • Dates and times of visits
  • Computer hardware and software information
  • Other available information

This site uses cookies to:

  • Keep track of advertisements
  • Understand your preferences based on previous or current site activity, which enables us to provide you with improved services
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future

To disable cookies, please adjust your browser settings. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. If you turn cookies off, some features of this site may be disabled. It may make your site experience less efficient and some of our services may not function properly.

Third Party Disclosure 

[LAW FIRM] does not sell, trade, or otherwise transfer users’ personally identifiable information to third parties for the purpose of direct or indirect mass email marketing. If requested or agreed upon by the client, [LAW FIRM] may provide clients’ contact information and other case information to third party attorneys when cases are referred.

We will disclose personal information and/or an IP address when required by law or in the good-faith belief that such action is necessary to:

  • Cooperate with the investigations of purported unlawful activities and conform to the edicts of the law or comply with legal process served on our company
  • Protect and defend the rights or property of our website and related properties
  • Identify persons who may be violating the law, the rights of third parties, or otherwise misusing our website or its related properties


Third Party Links

We do not include or offer third party products or services on our website.

  • Google AdSense: Google’s advertising requirements can be summed up by  Google’s Advertising Principles. They are put in place to provide a positive experience for users. We have not enabled Google AdSense on our site, but we may do so in the future.
  • Google AdWords: This website uses the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. AdWords is a remarketing and behavioral targeting service provided by Google that collects the cookie and usage data of visitors to this website. It connects the activity of users on this website with the AdWords advertising network and the Doubleclick Cookie. Third-party vendors, including Google, use cookies to serve ads based on someone’s past browsing activity. You could be shown an advertisement on the Google search results page or a site in the Google Display Network based on your visit to this website. You can opt out of Google’s cookie tracking service here. Place of Processing: USA. Read the Google AdWords Privacy Policy for more information.
  • Google Analytics : Google Analytics is a web analysis service provided by Google. It utilizes the cookie and usage data of visitors to this website to track and examine the use of this URL and to prepare reports on the activities and performance of this URL and share them with other Google services. Google may use the data collected to contextualize and personalize the ads of its own advertising network. Place of processing: USA. Read Google’s privacy policy for more information.

California Online Privacy Protection Act (CalOPPA) 

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and the individuals with whom it is being shared, and to comply with this policy. Learn more about CalOPPA at the Consumer Federation of California’s website.

In compliance with CalOPPA we agree to the following:

  • Users can visit our site anonymously.
  • We will create a privacy policy and add a link to it on our home page, or as a minimum, on the first significant page after entering our website.
  • Our privacy policy link includes the word “privacy,” and can easily be found on the page specified above.
  • Users will be notified of any privacy policy changes on our Privacy Policy page.
  • Users are able to change their personal information by calling us.

How does our site handle “do not track” signals? 

We honor “do not track” signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third party behavioral tracking? 

Any website, blog, or app provided by [LAW FIRM] may allow third party behavioral tracking.

COPPA (Children’s Online Privacy Protection Act

The Children’s Online Privacy Protection Act (COPPA) spells out what operators of websites and online services must do to protect children’s privacy and safety online by regulating the collection of personal information from children under age 13. This website does not specifically market to children under age 13.

Fair Information Practices 

The Fair Information Practice Principles form the backbone of privacy law in the United States. In order to be in line with Fair Information Practice Principles, we will take the following responsive action, should a data breach occur:

  • We will notify affected users via email within 7 business days.
  • We will notify affected users via phone call within 7 business days.

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.


By using this Website, you consent to the collection and use of information as specified above. Any changes made to our Privacy Policy will get posted on this page. Please review this page frequently to remain up to date about the information we collect, how we use it, and under what circumstances we disclose it. You must review the new Privacy Policy carefully to ensure you understand our practices and procedures.