Liradocs Privacy Policy
Updated on 1 February 2025.
1. Your Privacy
Your privacy is important to Liradocs, and we are committed to protecting your personal data. This Privacy Notice provides you with information about how we collect, use, disclose, and otherwise process personal data collected in connection with your use of our websites, mobile applications, software solutions, and other Liradocs services (collectively, the “Services”).
In this Privacy Notice, unless otherwise specified:
- ‘Liradocs‘, ‘we’, ‘our’, ‘us’, and any similar terms refer to Liradocs Pty Limited and its affiliated entities.
- The ‘Liradocs Group‘ refers to Liradocs Pty Limited and any of its parent or subsidiary companies (or companies controlled by the same parent) from time to time.
2. What data does Liradocs collect?
2.1 General categories of personal data
‘Personal data’ means any information about an identified or identifiable person. In general, we collect and process the following types of personal data (although the specific types of data that we collect and process about you will depend on how you interact with us and our Services, as explained in section 3 below):
- Contact Data such as your first name, last name, email address, phone number(s), billing address, and business address.
- Employment Data such as your job title, employment status, employer organization, and professional qualifications held.
- Public and Third-Party Data such as information you make public on your social media profiles (e.g. LinkedIn), which is publicly available from third-party websites (e.g. your firm’s or organization’s websites), or which is provided to us by third parties (e.g. referrers).
- Transaction History Data such as information about any payments you have made to us, refunds we have paid to you, credits, adjustments, or discounts that you are entitled to or that we have applied, details of any Services you have purchased from us, and your Service renewals and cancellations.
- Financing Data such as the identity and details of your financier, and details of any financing or credit arrangements you have entered into in relation to the payment of our fees.
- Technical Data such as your device type used to access our Service (e.g. mobile or desktop), your device’s operating system (e.g. iOS, Windows, or Android), application software, browser type and settings (e.g. language, time zone, location), Internet Protocol (IP) address, MAC address, and access times.
- Communications Data such as information you provide to us when you communicate with us by e-mail, telephone, in-person events, conferences, and seminars, by mail, through our social media channels, when you respond to surveys, provide feedback, or leave reviews or testimonials about us or our Services.
- Support Data such as information you provide to us when you make a request for support in relation to our Services, and information we can see from your screen or account if we need to provide remote support using a ‘share-screen’ feature or need access to your account remotely. We will only use this information for providing support in relation to our Services.
- Marketing Data such as your preferences for receiving marketing from us and the Liradocs Group, marketing lists you are part of, topics you are interested in receiving marketing communications about, and your communication preferences.
- User Data as described in section 2 below.
- Client Data as described in section 3 below.
2.2 User Data
If you are an individual end user of our Services (for example, a sole practitioner, a barrister, or an employee or partner of a law firm that uses our Services), then we collect, store, and otherwise process information about you that you provide, upload to, input, or generate from your use of our Services. Depending on the Services you use, this may include information about your work emails, calendar, meetings and appointments, time recordings, invoices, memos, work-related documents, interactions with other colleagues and counterparties through our Services, and account passwords. We may also collect or infer certain information from your use of our Services, such as the particular Services you access, features you use, time of access, login attempts, duration of each usage session, where you access our Services from, and your Service settings, preferences, and usage habits.
2.3 Client Data
If you are a client of one of our customers (for example, a client receiving legal services from a law firm that is using our Services), then we may collect, store, and otherwise process information about you and your legal matter, which our customers upload or import to, or generate from, our Services. This may include documents and e-mails exchanged between you and our customer, documents uploaded, imported, or generated by our customers in relation to your legal matter, invoices generated by our customer in relation to your legal matter and work they have performed for you, and your contact information. This data may include ‘special category data’ as described in section 2.4 below.
Our Services may also give customers the ability to grant limited access to certain parts of the Services (including data stored on those Services, such as Client Data) to third parties. This will allow those third parties to access certain Client Data that our customers choose to share through the Services. Some examples of how our customers may use this feature to share Client Data with third parties include:
- A customer may set up a virtual data room through our Service as part of a corporate acquisition, to share certain Client Data with the purchasing party and their professional advisors for the purposes of conducting due diligence;
- A customer may create a shared space to share Client Data relating to legal proceedings with an external barrister;
- A customer may create a shared space to enable sharing of Client Data with relevant third parties in the context of a conveyancing transaction.
We collect, share, and otherwise process Client Data as a data processor on behalf of our customers (i.e., law firms, barristers, and other legal professionals that use our Services). This means that in the vast majority of cases, the customer is the controller of this data and will determine how your Client Data is processed and who it is shared with. If you have any questions about our processing of Client Data, you should first speak with the law firm or legal professional that you are a client of, and that has provided us the Client Data for processing.
We only collect and process Client Data as required to provide our Services to our customers or where required to comply with applicable law. We do not access or share Client Data stored on our servers except in the following circumstances:
- Where Client Data may be made temporarily visible to us when providing technical support or training to our customers, or when we are responding to a customer’s questions;
- Where we are required or compelled by law (including by court order or subpoena) or a direction of a government or law enforcement authority to share Client Data with another party (and in such cases, we may act as the controller of the data); or
- Where our customer has authorised the Client Data to be shared with a third party.
2.4 Special Category Data
‘Special category data’ means:
- Data about your racial or ethnic origin, political opinions, sexual practices or orientation, religious or philosophical beliefs, trade union membership, criminal history, or physical or mental health;
- Your genetic or biometric data; and
- Any other specific categories of data that are subject to more onerous requirements under applicable data protection laws from time to time.
We do not proactively seek to collect or process special category data. However, we may store, share, and otherwise process sensitive category data to the extent that this data is Client Data, as described in section 2.2 above. We describe the purposes for which we process Client Data (including where this contains special category data) in sections 2.2 above and 4 below.
2.5 Aggregated Data
We also collect and process high-level statistical and/or demographical data about how our customers interact with our Services (for example, how customers of a certain size or type like to use our Services). This data relates only to our customers, and cannot be used to directly or indirectly identify a specific individual user of our Services. As such, this data is not considered personal data and may not be subject to the same safeguards as described in this Privacy Notice.
We use this aggregated data to better understand our customers, what features they use the most, to identify opportunities to improve our Services, and to determine what marketing content, guides, and publications will be of most value to our customers.
3. How we collect your personal data
The ways in which we collect personal data, and the types of personal data that we collect each way, are set out in the table below.
3.1 Information you provide to us
We collect personal data you provide when you use our Services from one or more devices associated with you, or that you provide in any other way, including over the phone, by email, or on paper. The table below sets out some of the ways you may provide personal data to us, and the types of personal data we collect in these ways.
| How you interact with us | Types of personal data we collect |
|---|---|
| Purchase or renew a subscription to our Services. | Contact Data, Transaction History Data, Financing Data (where applicable) |
| Register an account on our Services, use our Services, or upload or generate documents about clients and their legal matters using our Services. | User Data, Client Data |
| Contact our support center representatives. | Contact Data, Support Data |
| Communicate with us directly by e-mail, telephone, or social media, complete surveys, or provide reviews and testimonials about us and our Services. | Contact Data, Employment Data, Communications Data |
| Sign-up to our blog or marketing communications, sign up for a LiraDocs-sponsored event or webinar, or participate in our referral program. | Contact Data, Marketing Data |
3.2 Information we receive from other sources
We may collect personal data about you from third-party sources, such as information that is publicly available on your social media profiles or third-party websites (such as your firm website), or where we receive personal data about you from a third-party referrer participating in our referral program. The table below summarizes some of the different third-party sources we may use to collect your personal data, and the types of personal data we collect from these sources.
| Source | Types of personal data we collect |
|---|---|
| Third-party referrers. | Contact Data, Employment Data, Public and Third Party Data |
| Financiers where you are purchasing our Services under a financing arrangement. | Contact Data, Transaction History Data, Financing Data |
| Social media profiles (e.g. LinkedIn) that are set to public, and public website profiles (including those created by your employer). | Contact Data, Employment Data, Public and Third Party Data |
| Analytics providers (e.g. Google Analytics). | Technical Data, Marketing Data, Public and Third Party Data |
| Advertising networks. | Technical Data, Marketing Data, Public and Third Party Data |
| Your employer (where you are an employee using the Services under your employer’s subscription). | Employment Data, User Data |
| Our customers (where you are a client of one of our customers). | Client Data |
3.3 Information that we automatically collect
When you visit our websites or blogs, open or click on any links in our marketing communications, or use our Services, we may automatically collect information about your visit, including pages you access, links you click, and actions you take through the use of essential and non-essential cookies, web beacons, pixel tags, and other tracking technologies (collectively, “cookies”). We may also collect Technical Data from your device and web browser.
4. How do we use and disclose your personal data?
We use and disclose the personal data that we collect only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time of collection. Depending on our purpose for collecting your personal data, we rely on one or more of the following legal bases:
- Performance of a contract: We require certain personal data in order to provide the Services you purchase or request from us, and which we have agreed to provide, under a contract.
- Consent: In certain circumstances, we may ask for your consent (separately from any contract between us) before we collect, use, or disclose your personal data. You can voluntarily choose to give or deny your consent without any negative consequences.
- Compliance with our legal obligations: There may be instances where we must collect, store, process, or disclose your personal data to comply with our legal obligations.
- Legitimate interests: We may use or disclose your personal data for our legitimate business interests. Where we need to process your data to pursue our legitimate interests, it will be in a way which is reasonable for you to expect as part of the running of our business and which does not materially affect your rights and freedoms.
The table below provides more detail on the purposes for which we may process your personal data, the types of personal data we process for that purpose, and the legal basis (or bases) upon which we rely to process your personal data.
| Purpose for processing personal data | Types of personal data processed | Legal Basis |
|---|---|---|
| Implementing our services. | Contact Data, Employment Data, User Data, Client Data | Performance of a contract with you; and Our legitimate interests in providing our Services to customers. |
| Receiving payments and recording transactions with you. | Transaction History Data, Financing Data | Performance of a contract with you; Compliance with our legal obligations (e.g., for the provision of tax invoices); and Our legitimate interests in providing our Services to our customers and receiving payment for those Services. |
| Recommend financing arrangements | Contact Data, Employer Data, Financing Data | Consent. |
| Operating and administering our Services. | Contact Data, Employment Data, Technical Data, User Data, Client Data | Performance of a contract with you; and Our legitimate interests in providing our Services to customers and ensuring our Services are used in accordance with our Terms of Service. |
| Providing third party services. | Technical Data, User Data, Client Data | Performance of a contract with you; and Our legitimate interests in providing our Services (including integrated third party services) to our customers. |
| Sending service updates and administrative messages. | Contact Data, Technical Data, User Data | Our legitimate interests in communicating with our customers in relation to our Services. |
| Providing support and training. | Contact Data, Employment Data, Technical Data, Support Data, User Data, Client Data | Consent; Performance of a contract; and Our legitimate interests in supporting our customers in their use of our Services. |
| Quality assurance and training | Contact Data, Technical Data, Support Data, Communications Data | Our legitimate interests in operating and improving our services, and providing training to our personnel. |
| Developing and improving our Services. | Technical Data, Support Data, Communications Data | Consent (in the case of feedback, ideas, reviews, or testimonials you provide on our Services); and Our legitimate interests in developing and improving our Services. |
| Send marketing communications | Contact Data, Marketing Data, Public and Third Party Data, Transaction History Data, Communications Data, Technical Data | Consent (where strictly required by law to send marketing communications); and Otherwise, our legitimate interests in marketing and promoting our Services. |
| Responding to your communications. | Contact Data, Communications Data | Our legitimate interests in communicating with our customers and potential customers. |
| Collecting and publishing testimonials | Contact Data, Communications Data | Consent; and Our legitimate interests in promoting and marketing our business. |
| Operating our referral program | Contact Data, Public and Third Party Data, Transaction History Data | Consent (where strictly required by law to conduct marketing activities); and Otherwise, our legitimate interests in promoting and marketing our business. |
| Conduct market research. | Communications Data, Marketing Data, Technical Data, User Data | Consent (where strictly required by law to conduct marketing activities); and Otherwise, our legitimate interests in better understanding our customers so that we can provide a more tailored experience. |
| Personalise content and advertising. | Contact Data, Employer Data, Technical Data, Marketing Data | Consent (where strictly required by law to conduct targeted advertising); and Otherwise, our legitimate interests in providing a more tailored and localised experience for our customers. |
| Measure the effectiveness of our advertising campaigns. | Technical Data, Marketing Data | Consent (where strictly required to deploy and use cookies); and Otherwise, our legitimate interests in marketing and promoting our business. |
| Manage our use of tracking technologies such as cookies. | Technical Data, Marketing Data | Consent (where strictly required by law to deploy and use cookies); and Otherwise, for strictly necessary cookies, our legitimate interests to operate, provide and improve our Services. |
| Compliance with legal and regulatory obligations. | Contact Data, Communications Data, User Data, Client Data, Transaction History Data | Compliance with our legal obligations. |
| Protect and enforce our legal rights | Contact Data, Communication Data, User Data | Our legitimate interests in protecting and enforcing our legal rights. |
5. Who do we share your personal data with?
We may share your personal data with the following categories of recipients:
- Other members of the Liradocs Group: These members provide data processing services necessary to provide you with our Services (for example, to support the delivery of, provide functionality on, or help enhance the security of our website and online services), or who otherwise process personal data for purposes described in this Privacy Notice.
- Third-party payment processors: We use third-party payment processors to process payments when you purchase a subscription to our Services. The third-party processor will need to collect and process your payment data (such as your payment card or bank account details) to process your payments. We do not collect or process this data ourselves.
- Other third-party service providers and partners: These providers offer data processing services to us as necessary to provide you with our Services (for example, to support the delivery of, provide functionality on, or enhance the security of our website and online services). We may also share personal data with providers of third-party services that interface with or are integrated with our Services, if you request to use those third-party services. Some of the third-party services we use include: ChurnZero, Salesforce, Zendesk, Pardot, Jira/Confluence, and Outreach.
- Third-party services and business partners: When you use third-party and partner services linked through our website or online Services, your personal data may be collected by the provider of such services. Please note that when you use third-party services, their own terms and privacy notices will govern your use of their services.
- Third-party financiers: If you contact us about financing arrangements for our Services, we may share some of your personal data with third-party financiers to enable them to enter into a financing arrangement with you. We do not collect, store, or share any financial data about you ourselves.
- Third parties to whom our customers share Client Data: As described in section 3 above, our Services allow customers to create shared spaces where they can share certain Client Data with third parties. These third parties may include barristers, counterparties in a corporate transaction, or real estate agencies in a conveyancing transaction. We share Client Data with these third parties as a processor on behalf of our customers, who as controllers determine what Client Data is shared and who it is shared with. If you are a client of one of our customers and would like to know more about who your Client Data is shared with, you should speak with the customer in the first instance.
- Competent law enforcement bodies, regulatory agencies, government authorities, courts, or other third parties: We may disclose your personal data to these entities if we believe it is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish, or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
- A buyer (and its agents and advisers): In the event of a proposed or actual purchase, merger, or acquisition of any part of our business, we may disclose your personal data to the buyer, provided that we inform the buyer that it must use your personal data only for the purposes disclosed in this Privacy Notice.
- Any other person with your consent: We may share your personal data with any other third party if you give us your consent to the disclosure, obtained separately from any contract between us.
7. International data transfers
Where we transfer your personal data to other Liradocs Group members, or to other third parties as outlined in section 5 above, your data may be processed in countries other than the country in which you are resident. These countries may have data protection laws that differ from the laws of your country (and, in some cases, may not be as protective).
Our servers and the Liradocs Group companies are located in the United Kingdom, the United States, and Australia. Our third-party service providers and business partners operate in the United Kingdom, the United States, Australia, and Japan. This means that when we collect your personal data, it may be processed in any of these countries.
If we transfer your personal data from the UK to countries and territories outside of the UK that have been formally recognized as providing an adequate level of protection for personal data, we rely on the relevant “adequacy decisions” from the European Commission (and equivalent decisions of the Secretary of State in the UK).
Where the country or territory is not subject to an adequacy decision or regulations (such as Australia), we have taken appropriate safeguards to ensure that your personal data remains protected in accordance with this Privacy Notice and applicable laws. For transfers of personal data from the UK to non-adequate countries, we will ensure the overseas recipient is bound by the International Data Transfer Agreement (IDTA) issued by the UK Secretary of State under Section 119A of the Data Protection Act 2018, as approved and effective from 21 March 2022.
9. Data retention
We retain the personal data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
In certain circumstances, we will need to keep your personal data for legal reasons after your subscription to our Services has ended. The specific retention periods depend on the nature of the personal data, why it is collected and processed, and the nature of the legal requirement.
When we have no ongoing legitimate business need or legal reason to process your personal data, we will either delete or anonymize it. If this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
10. Data subject rights
You have the following data protection rights. To exercise any of these rights, you should contact us using the contact details provided in section 14 below.
- You may access, correct, update, or request deletion of your personal data as set out in section 11.
- If you are an individual in the UK, you can object to the processing of your personal data, ask us to restrict the processing of your personal data, or request portability of your personal data (i.e., your data to be transferred in a readable and standardized format).
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided in section 14. If you choose to opt-out of marketing communications, we may still send you non-promotional administrative emails, such as emails about your current subscription and service alerts.
- If we have collected and processed your personal data with your consent, you can withdraw your consent at any time by using the contact details provided in section 14. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a supervisory authority about our collection and use of your personal data (see section 12 below).
- We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
11. How to access and correct your personal data?
You may ask to access any personal data that we hold about you at any time by contacting us using the details set out in section 14.
If you believe that any personal data we hold about you is incorrect, incomplete, or inaccurate, you may ask that we correct that data. We will consider your request for correction, and if we decide not to make the correction, you can request that we add a note to the personal data that we hold stating that you disagree with it.
We will provide you with suitable means of accessing the personal data (for example, by posting or emailing it to you) and may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the data to you. We will not charge you for simply making the request and will not charge for making any corrections to your personal data.
There may be instances where we cannot grant you access to the personal data we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality or legal professional privilege. If that happens, we will provide you with written reasons for our decision.
12. How to make a complaint?
If you believe that your privacy has been breached, please contact us using the details set out in section 14 and provide us with details of your concerns so that we can investigate the matter further. We will treat your complaint confidentially and will strive to investigate and resolve it within a reasonable period of time.
You may also lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO), and in Australia, it is the Office of the Australian Information Commissioner (OAIC). You can contact the OAIC by calling 1300 363 992 or by emailing enquiries@oaic.gov.au.
For more information about your rights and our obligations in relation to privacy, and details on how to make a privacy complaint, please visit the website of your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO). In Australia, the OAIC can be contacted at www.oaic.gov.au, or by post at GPO Box 5218, Sydney NSW 2001, or by email at enquiries@oaic.gov.au.
13. Updates to this Privacy Notice
We may update this Privacy Notice from time to time in response to changing legal, regulatory, technical, or business developments. When we update our Privacy Notice, we will act appropriately to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material changes if, and where, required by applicable data protection laws.
You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
14. How to contact us
If you have any questions or concerns about how we use your personal data, how long we retain your personal data, or the steps we take to protect your personal data, please send us an email at info@liradocs.com.au.