1. Introduction
patentlawyer.io (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains what personal information we collect when you visit patentlawyer.io (the “Site”), how we use it, who we share it with, how long we keep it, and what rights you have over it.
This Policy applies to all visitors and users of the Site and should be read alongside our Terms of Service. By using the Site, you acknowledge the practices described in this Policy.
2. Who We Are
patentlawyer.io is the data controller responsible for personal data collected through this Site. The Site is registered with an EU VAT number based in Greece, and serves users globally. For data privacy inquiries, please use the contact information in Section 12.
3. Information We Collect
3.1 Information You Provide Directly
When you complete a contact form on the Site, you may voluntarily submit:
- Your name
- Email address
- Phone number
- Company name
- The content of your message or inquiry
This information is collected only when you choose to submit it. You are not required to provide this information to browse the Site.
Important Notice Regarding Pre-Engagement Submissions: Information submitted through the contact form prior to the establishment of a formal attorney-client relationship is not protected by attorney-client privilege and is not treated as confidential. Please do not submit sensitive legal details, trade secrets, or proprietary information through the Site until a formal engagement agreement has been executed. See our Terms of Service for full details.
3.2 Information Collected Automatically
When you visit the Site, certain technical data is collected automatically by our hosting infrastructure and third-party tools:
- IP address
- Date and time of your visit
- Pages viewed and time spent on each page
- Browser type, version, and language
- Operating system and device type
- Referring URL (the page you visited before arriving at the Site)
- Geographic region (country and city level, derived from IP address)
- Interaction data such as clicks, scroll depth, and session behavior (collected by analytics tools)
This data is collected through server logs (ChemiCloud and Cloudflare), analytics platforms (Google Analytics GA4, Cloudflare Web Analytics), and advertising pixels (Meta Pixel, Google/DoubleClick). See Section 5 for details on each tool.
3.3 Information Collected via Cookies & Tracking Technologies
The Site uses cookies, pixels, and similar tracking technologies to recognize your browser, store preferences, and support advertising measurement. See Section 6 for a full breakdown of the cookies in use.
4. How We Use Your Information
We use the information collected through the Site for the following purposes:
- To respond to your inquiries and manage our business relationship with you
- To route contact form submissions to our CRM (Copper) and email platform (Google Workspace) for follow-up
- To store form submission records within our WordPress database (via Flamingo) for administrative purposes
- To analyze Site traffic and user behavior in order to improve the Site’s performance and content (via GA4 and Cloudflare Analytics)
- To measure the effectiveness of advertising campaigns and optimize ad spend (via Meta Pixel and Google/DoubleClick)
- To protect the Site from bots, spam, and malicious traffic (via Cloudflare, reCAPTCHA, and accessiBe)
- To maintain web accessibility compliance for users with disabilities (via accessiBe)
- To comply with applicable legal obligations and enforce our Terms of Service
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
5. Third-Party Services & Data Processors
We work with the following third-party service providers who may receive, process, or store personal data collected through the Site. Each provider operates under its own privacy policy.
|
Provider |
Category |
Data Received |
Privacy Policy |
|
ChemiCloud |
Web Hosting |
IP address, access logs, server data |
chemicloud.com/privacy-policy |
|
Cloudflare |
CDN, Security, Analytics |
IP address, traffic data, performance metrics |
cloudflare.com/privacypolicy |
|
Google Analytics (GA4) |
Analytics |
Pages visited, session data, device/browser info, geographic region |
policies.google.com/privacy |
|
Google Tag Manager |
Tag Management |
Manages delivery of other tags; no independent data collection |
policies.google.com/privacy |
|
Meta (Facebook) |
Advertising Pixel |
IP address, browser info, pages visited, ad interaction data |
facebook.com/privacy/policy |
|
Google / DoubleClick |
Advertising Pixel |
IP address, browser info, ad interaction and conversion data |
policies.google.com/privacy |
|
Copper CRM |
CRM |
Name, email, phone, company, inquiry content |
copper.com/privacy-policy |
|
Google Workspace |
Email & Communications |
Name, email address, communication content |
policies.google.com/privacy |
|
Google reCAPTCHA |
Spam Prevention |
Browser fingerprint, behavior data, IP address |
policies.google.com/privacy |
|
accessiBe |
Accessibility |
Accessibility preferences, widget interaction data |
accessibe.com/privacy-policy |
|
Slack |
Internal Notifications |
Form submission content (internal use only; not visitor-facing) |
slack.com/privacy-policy |
We do not sell personal data to any of these providers or to any other third party for their own independent marketing purposes.
6. Cookies & Tracking Technologies
The Site uses the following categories of cookies and tracking technologies:
|
Category |
Provider |
Duration |
Purpose |
|
Strictly Necessary |
Cloudflare |
Session / 30 min |
__cf_bm: bot management and malicious traffic prevention |
|
Strictly Necessary |
WordPress |
Session |
Session management and security for WordPress functionality |
|
Analytics |
Google (GA4) |
Up to 2 years |
_ga, _ga_[ID]: distinguish unique visitors and measure site usage |
|
Advertising |
Meta (Facebook) |
Up to 90 days |
fr, _fbp: ad delivery, attribution, and audience targeting |
|
Advertising |
Google / DoubleClick |
Up to 13 months |
IDE, NID: ad personalization, conversion tracking, and remarketing |
|
Functionality |
accessiBe |
Persistent |
Stores user accessibility preferences across visits |
|
Functionality |
reCAPTCHA |
6 months |
Distinguishes human users from bots on form submissions |
You can control or disable cookies through your browser settings. Disabling certain cookies may affect the functionality of parts of the Site. The Site implements a US Privacy User Signal Mechanism (USP API) that communicates applicable privacy signals in accordance with U.S. state privacy laws.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, or as required by law. The following retention periods apply:
- Server logs (ChemiCloud) – Up to 12 months, after which logs are deleted or anonymized.
- Cloudflare infrastructure data – Subject to Cloudflare’s own retention schedules per their Privacy Policy.
- Google Analytics (GA4) data – Up to 26 months (configurable; subject to Google’s data retention settings).
- Contact form submissions (WordPress / Flamingo) – Retained indefinitely in the WordPress database unless manually deleted by a Site administrator. You may request deletion at any time (see Section 10).
- Copper CRM records – Retained for the duration of the business relationship and for a reasonable period thereafter for legal and operational purposes.
- Google Workspace email records – Retained per patentlawyer.io’s internal email retention practices.
- Advertising pixel data – Subject to Meta’s and Google’s respective data retention schedules as described in their privacy policies.
- accessiBe preference data – Retained per accessiBe’s own retention policy.
8. How We Share Your Information
We do not sell your personal data. We share personal data only in the following circumstances:
- With service providers – As listed in Section 5, we share data with third-party providers who assist us in operating the Site and conducting our business. These providers are contractually required to use your data only for the purposes we specify.
- For legal compliance – We may disclose personal data if required to do so by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights or the safety of others.
- In connection with a business transfer – If patentlawyer.io is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you via a prominent notice on the Site if such a transfer results in a material change to how your data is used.
We do not share your personal data with unaffiliated third parties for their own independent marketing or advertising purposes.
9. International Data Transfers
patentlawyer.io operates with an EU VAT registration based in Greece and serves users internationally. Personal data collected through the Site may be transferred to and processed in the United States and other countries, including by our service providers (Google, Meta, Cloudflare, Copper CRM).
For users in the European Union or European Economic Area, such transfers are conducted in accordance with applicable data protection requirements. ChemiCloud maintains GDPR compliance and offers a Data Processing Agreement (DPA). Cloudflare and Google similarly maintain Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms. For questions about international data transfers, please contact us at the address in Section 12.
10. Your Privacy Rights
10.1 California Residents (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know – You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collection, and the categories of third parties with whom we share it.
- Right to Delete – You may request that we delete personal information we have collected from you, subject to certain exceptions.
- Right to Correct – You may request correction of inaccurate personal information we hold about you.
- Right to Opt Out of Sale/Sharing – We do not sell personal information. However, the use of advertising pixels (Meta, Google) may constitute “sharing” under California law for cross-context behavioral advertising purposes. You may opt out by adjusting your cookie preferences or using the platform-level opt-outs described in Section 6.
- Right to Non-Discrimination – We will not discriminate against you for exercising any of your CCPA/CPRA rights.
To exercise these rights, please contact us using the information in Section 12. We will respond to verifiable requests within 45 days.
10.2 European Union / EEA Residents (GDPR)
If you are located in the EU or EEA, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of Access – You may request a copy of the personal data we hold about you.
- Right to Rectification – You may request correction of inaccurate or incomplete personal data.
- Right to Erasure (“Right to be Forgotten”) – You may request deletion of your personal data where there is no compelling reason for us to continue processing it.
- Right to Restrict Processing – You may request that we limit the processing of your personal data in certain circumstances.
- Right to Data Portability – You may request a copy of your personal data in a structured, machine-readable format.
- Right to Object – You may object to processing of your personal data based on legitimate interests, including for direct marketing purposes.
- Right to Withdraw Consent – Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
To exercise these rights, contact us at the address in Section 12. You also have the right to lodge a complaint with your local data protection authority.
10.3 Other Jurisdictions
Users in other jurisdictions (including other U.S. states with applicable privacy laws such as Virginia, Colorado, Connecticut, and Texas) may have similar rights under their local laws. We will respond to privacy requests from all users in good faith and in a manner consistent with applicable law.
11. Children’s Privacy
The Site is not directed to children under the age of 13 (or under 16 for users in the EU/EEA). We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will take steps to delete it.
12. Data Security
We take reasonable technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:
- Hosting through ChemiCloud, which employs network firewalls, brute-force protection, and 24/7 server monitoring
- Traffic proxied through Cloudflare’s security infrastructure, including DDoS mitigation and threat detection
- SSL/TLS encryption for all data transmitted between your browser and the Site
- Two-factor authentication options for Site administrative access
- reCAPTCHA on all forms to prevent automated abuse
No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the effective date at the top of this document. We encourage you to review this Policy periodically. Your continued use of the Site after any changes constitutes your acceptance of the updated Policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us at:
patentlawyer.io
4725 1st ST, STE 210 Pleasanton, CA 94566-7366
We will respond to all privacy-related inquiries within 30 days.
Last Updated: April 14, 2026