Current as of 20 Jan 2022
Your privacy is important to us at AnyLawyer. We respect your privacy regarding any information we may collect from you across our website.
Owner and Data Controller
1585, 447 Broadway, 2nd Floor
New York, NY, New York, US, 10013
The service under the domain anylawyer.com under which Owner provides the Services.
Data or Personal Data
Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number.
Information collected automatically by Anylawyer (or its processors), which can include: the IP addresses or domain names of the computers utilized by the Users, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on AnyLawyer) and the details about the path followed within AnyLawyer with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
User or Data Subject
Any individual using AnyLawyer.
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Data Controller.
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of AnyLawyer. The Owner is Data Controller.
The service provided by the Owner in AnyLawyer.
European Union (or EU)
The European Union, including all current member states of EU and the European Economic Area.
Cookies are Trackers consisting of small sets of data stored in the User's browser.
Tracker indicates any technology - e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting - that enables the tracking of Users, for example by accessing or storing information on the User’s device.
This privacy statement has been prepared based on provisions of multiple legislations, including Regulation (EU) 2016/679 (General Data Protection Regulation).
Types of Data collected
Submission of Data by the User, including Data automatically collected by AnyLawyer, is voluntary, but failure to do so will prevent the use of the Services. Sometimes we may communicate that submission of some Data is not mandatory and you may not submit it without any consequences for the use of the Services.
Users are responsible for any third-party Personal Data obtained, published or shared through AnyLawyer and confirm that they have the third party's consent to provide the Data to the Data Controller and its Processors or other Data Controllers.
Processing the Data
Methods of processing
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data Controller appoints Data Processors and makes the Data accessible to them. The updated list of these parties may be requested from the Data Controller at any time.
Legal basis of processing
The Data Controller may process Personal Data in any of these cases:
The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User shall be retained until such contract has been fully performed.
Personal Data collected for the purposes of the Data Controller’s legitimate interests shall be retained as long as needed to fulfill such purposes.
Personal Data collected with the consent of the User will be processed until the date of withdrawal of consent by the User. However the Data Controller may be obliged to process such the Data for a longer period for other purposes stated above, including fulfilling legal or contractual obligations.
After the retention period the Data are deleted.
The purposes of processing
The Data concerning the User is collected to allow the Data Controller to provide the Services, comply with its legal obligations, respond to enforcement requests, protect its rights and interests, protect rights and interests of the Users and third parties, detect any malicious or fraudulent activity, AnyLawyer operations (including use of System logs and IP Addresses for operation and maintenance purposes).
The User's Personal Data may be used for legal purposes by the Data Controller in court or in pre-trial stage.
The User is also aware that the Data Controller may be required to reveal personal data upon request of public authorities.
Processing of Personal Data by Processors and third parties
Microsoft Azure (Microsoft Corporation)
Microsoft Azure is a hosting service provided by Microsoft Corporation.
Category of personal information collected according to the CCPA: internet information.
GPT-3, or the third generation Generative Pre-trained Transformer, is a neural network machine learning model trained using internet data to generate any type of text. Developed by OpenAI, it uses input text to generate large volumes of relevant and sophisticated machine-generated text.
AnyLawyer sends your data to a GPT-3 model in order to generate response text. AnyLawyer does not store any of this data.
The rights of Users
Users may exercise certain rights regarding their Data processed by the Data Controller, including these below. Any requests may be directed through the contact details provided in this document, free of charge. We shall respond as early as possible.
Right to withdraw the consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
Rights to object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent, according to the provisions below.
Right to access to the Data. Users have the right to information if Data is being processed by the Data Controller, about certain aspects of the processing and the right to obtain the copy of their Data.
Right to verify. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
Right to restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data.
Right to have the Data deleted. Users have the right, under certain circumstances, to have their Data deleted from the Data Controller.
Right to receive their Data and have it transferred. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller.
Right to submit a complaint. Users have the right to bring a claim before their competent data protection authority.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Data Controller or for the purposes of the legitimate interests pursued by the Data Controller, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, if their Personal Data are processed for direct marketing purposes, they can object to that processing at any time without providing any justification.
Should the changes affect processing activities performed on the basis of the User’s consent, the Data Controller shall collect new consent from the User, where required.