SimpleLegal, Inc. (“SimpleLegal” and “we”) operates a service intended to help businesses understand legal services performed by outside counsel law firms and other legal vendors. In order to provide this service, we collect and analyze law firm billing information from our customers. This Privacy Policy outlines what information we collect, how we secure your information, how we use and disclose it, and who to contact if you have questions.SimpleLegal recognizes your expectation of privacy and security and we greatly value and appreciate the trust you place in us to maintain the privacy and security of your data.

What does this Privacy Policy Cover?

This privacy policy (“Privacy Policy”) covers interactions in the course of our “Service” including (a) the website we operate currently located at, (b) SimpleLegal’s data analytics services, and (c) unless they are accompanied by a separate privacy policy, other web sites, embeddable widgets (such as customer service “chat now” widgets), downloadable software, mobile applications including tablet computer applications, and messages such as emails that we may send to or receive from you. This Privacy Policy is incorporated into and subject to SimpleLegal’s Terms of Service (the “Terms”). References to your “computer” or “device” in the Privacy Policy refer to any device(s) you use to access the Service, and “you” and “your” refer to the individual or entity that has agreed to the Terms.

By using the Service, you agree to this Privacy Policy. We may revise this Privacy Policy from time to time. If we do so, we will update the “Last Updated” date above. Please revisit this page to stay aware of any changes. Continued use of the Service constitutes your agreement to this Privacy Policy and any updates.

Data Collection, Use, Disclosure, and Security

What type of Data do we collect?

In accordance with this Privacy Policy, the information we collect from you when you use the Service includes:

  1. Submitted Business Information: To help our customers analyze legal spend and detect and prevent excessive or abusive billing practices, we collect and analyze legal vendor invoices, billing statements, and other information submitted by our customers or their vendors. Invoices often contain highly confidential and private information including information related to potential acquisitions, debt, patents, customers, vendors, and other business activities. This information also includes personal and business information related to our customers’ legal vendors and employees including, without limitation, vendor names, addresses, phone numbers, timekeeper name, title, bill rates, dates of service, hours worked, and descriptions of work. See below for policy specific to disclosure of Submitted Business Information.
  2. User-Provided Information: SimpleLegal may ask you to provide information, including a first name, last name, phone number, and email address, which may be considered “personally identifiable information” (that is, information that would allow SimpleLegal to directly identify a person). You may also provide other personally identifiable information to SimpleLegal when you send an email to SimpleLegal or at other times when you use or access the Service.
  3. Automatically Collected Information: When you use or access the Service, SimpleLegal may automatically record certain information about or related to your use of the Service that is made available through your computer such as an IP address, information about your computer and software, links, images, or other materials you request, information that may enable SimpleLegal to approximate your location, the pages or screens you accessed on the Service, the dates and times you access the Service, and other information about how you use the Service. This information is collected through the use of different types of technologies, such as standard log files, cookies, and web beacons (sometimes called “clear GIFs”).
  4. Cookies Information: One form of “automatically collected” information we may record is information stored by “cookies” – small text files containing characters. When you access the Service, SimpleLegal may send one or more cookies to your computer. By sending you cookies with values that are unique, SimpleLegal may be able to uniquely identify your web browser or device when you access the Service. You may review the “Help” file for your computer or web browser to learn the proper way to modify your cookie settings.
  5. Web Beacons: Web beacons, which are sometimes referred to as “clear gifs,” are a way of referring to web links that your browser, device, or email program requests when loading a web page, html email, or similar web-connected content. When this request is made, the entity which controls the requested link (which would be SimpleLegal for links back to the Service) can determine if you opened an email containing a web beacon or otherwise viewed particular content.

How do we use the Data we collect?

SimpleLegal may use the information you provide or that SimpleLegal collects (“Raw Data”) to develop, operate, support, maintain, enhance, and provide the Service, to analyze and develop our Service, for marketing efforts, to develop new products and services, and for other administrative and operational purposes, for example:

  1. to contact you for feedback about the Service,
  2. to conduct research about the Service,
  3. to provide anonymous reporting for internal and external purposes,
  4. to notify you of technical updates or changes in policy, or
  5. to contact you for marketing and promotional purposes.

You can opt-out of receiving certain communications, but SimpleLegal reserves the right to continue to send you certain communications relating to the Service, such as service announcements and administrative messages, without offering you the opportunity to opt-out of receiving them.

SimpleLegal does not claim an ownership right in Raw Data. We may use Raw Data for our internal business purposes in operating, developing, enhancing, maintaining, supporting, and providing the Service and our other products and services, including to other customers. At no point do we disclose Raw Data to other customers. See below for our policy specific to disclosure of Submitted Business Information.

All Derived Data and Analytical Results (each as defined below) that we generate through or in connection with the Service using Raw Data, whether alone or in combination with data from other sources, are and will remain our property and may be used and disclosed by us in our discretion.

Do we share or disclose the Data we collect to third parties?

Except as provided in this Privacy Notice, we do not sell or disclose to third parties any of the following:

Except as provided in this Privacy Notice, we do not sell or disclose to third parties any of the following:

We require our third party service providers to agree to only use the Raw Data we disclose to them in accordance with our Privacy Policy and for no other purpose than to provide us necessary services.

SimpleLegal may provide your information to third parties for their use in helping us perform our internal business functions–things like performing maintenance, security, data analysis, email transmissions, or data hosting on our behalf–and in helping us better understand how you and other users use our Service. For example, SimpleLegal may use a service called Google Analytics by permitting Google to use technologies such as web beacons and cookies to collect certain non-personally identifiable information that helps us understand your usage of our Service.

To Protect Our Interests: SimpleLegal may disclose your personal information if we believe that doing so is legally required or is in our interest to protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights or property of others, or otherwise to help protect the safety or security of our Service or of other persons, entities, facilities, or equipment.

Business Transfers: SimpleLegal may disclose and otherwise transfer your personal information to an acquirer, or to a successor or assignee, as part of any merger, acquisition, debt financing, sale of all or a portion of our assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership, in which your personal information is transferred to one or more third parties as one of our business assets.

Disclosure of Submitted Business Information
At no point do we share or disclose Submitted Business Information with any third party except for the following trusted third parties who assist us in operating our service:

Other than the above exceptions, at no point is Raw Data disclosed to any third party not employed directly by SimpleLegal (a W2 employee) or contracted directly by SimpleLegal (a 1099 contractor), all of whom are subject to strict non-use and non-disclosure obligations.

Additionally, access to Submitted Business Information is limited to only those employees and contractors with a need that is critical to delivering our Service.

How do we secure the Data we collect?

To safeguard your information, we have the following security measures:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1 (for payments)
  • FISMA Moderate
  • Sarbanes-Oxley Compliance

Please note, you are responsible for maintaining the secrecy of your unique password and account information at all times. Please be careful with this information.

SimpleLegal has implemented physical, technical, and managerial safeguards in an effort to protect your personal information from unauthorized access, disclosure, alteration, and destruction. However, due to the inherent open nature of the Internet, no transmission or storage of information can be 100% guaranteed to be safe and secure. SimpleLegal cannot and does not guarantee the security of the information SimpleLegal collects from you or that such information will not be accessed, disclosed, altered, or destroyed by breach or other failure of any of SimpleLegal’s physical, technical, or managerial safeguards.

Third Party Sites

Some of the services or materials included or accessible through the Service may be delivered or served by the third-party companies described above. For example, the Service may include certain integrations with third-party customer service resources, chat functionality, and other services that help provide us with analytics information about the usage of the Service. In the course of serving such resources, some third-party operators may place or recognize a unique cookie on your browser in order to collect certain information about your use of the Service. SimpleLegal does not have access to, nor control over, third-party companies’ use of cookies or other tracking technologies or how they may be used.


The Service is not intended for persons under 18 years of age, and SimpleLegal does not knowingly collect or retain personally identifiable information about such persons. If SimpleLegal learns that personally identifiable information of persons under the age of 18 years has been collected on the Service, then SimpleLegal will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under the age of 18 has obtained a Service account, then you may alert SimpleLegal at [email protected]

International Users

If you use the Service from other regions of the world, you understand and consent to the transfer of information outside of those jurisdictions to the United States or other jurisdictions for the uses identified above in accordance with this Privacy Policy.

Contact Information

Please contact SimpleLegal with any questions or comments about this Privacy Policy or the Service’s collection, use, or disclosure of your information by email at [email protected]