Privacy Policy
Introduction
LegiDesk (“LegiDesk”, “we”, “us” or “our”) is a technology-based platform developed to assist users in the organization, management, monitoring, and administration of intellectual property portfolios, including patents, trademarks, designs, copyrights, and other related rights, through a centralized digital system.
The Platform provides a range of tools and functionalities intended to support, inter alia, record maintenance, docketing and deadline tracking, document management, renewal monitoring, collaboration, reporting, analytics, alerts, and access controls. The Platform, its features, modules, and services may be modified, enhanced, expanded, restricted, or supplemented from time to time, and are not limited to the functionalities expressly described in this Privacy Policy.
This Privacy Policy explains how LegiDesk collects, receives, stores, processes, uses, discloses, and protects information in connection with a user’s access to or use of the LegiDesk website, web application, dashboards, modules, tools, and related services, whether accessed via desktop, mobile device, or any other digital interface (collectively, the “Platform”).
The purpose of this Privacy Policy is to provide transparency regarding the categories of information processed by LegiDesk, the purposes for which such information is processed, the safeguards applied to protect it, and the respective rights and responsibilities of users and LegiDesk under Applicable Law.
LegiDesk operates the Platform in good faith and, to the best of its knowledge, designs and maintains its systems in accordance with applicable laws and regulations, including intellectual property and data protection laws. However, the Platform is provided solely as a technological facilitation tool and does not constitute legal advice, professional services, or a substitute for independent legal diligence, statutory compliance, or professional judgment by users.
By accessing or using the Platform in any manner, the user acknowledges that they have read and understood this Privacy Policy and agree to the collection and processing of information in accordance with its terms. This Privacy Policy forms an integral part of the contractual arrangement between the user and LegiDesk and must be read together with the Terms and conditions and any other policies issued by LegiDesk from time to time.
Definitions
For the purposes of this Privacy Policy, unless the context otherwise requires, words and expressions used herein shall have the meanings assigned to them below, and words importing the singular shall include the plural and vice versa, while words importing any gender shall include all genders.
“Account” means the registered user account created on the Platform that enables access to LegiDesk’s services, features, and modules. “Applicable Law” means all laws, statutes, rules, regulations, guidelines, notifications, and governmental directions applicable within India, including but not limited to the Information Technology Act, 2000, the rules framed thereunder, the Digital Personal Data Protection Act, 2023, intellectual property laws, and any amendments, reenactments, or replacements thereof.
“Confidential Information” means all information that is not publicly available and that is proprietary, sensitive, legally protected, or confidential in nature, including intellectual property records, client data, legal documents, docket information, correspondence, and information subject to professional secrecy or contractual confidentiality obligations. “Personal Data” means any information relating to an identified or identifiable natural person, whether directly or indirectly, as defined under Applicable Law. “Sensitive Personal Data” means such categories of personal data as may be classified as sensitive under Applicable Law and requiring a higher standard of protection.
“Platform” refers collectively to the LegiDesk website, web application, dashboards, modules, tools, interfaces, features, and related digital services, including any updates, enhancements, or new functionalities introduced from time to time. “Processing” includes any operation or set of operations performed on information, whether by automated or manual means, including collection, recording, organization, storage, access, use, disclosure, transfer, retention, anonymization, or deletion.
“Third Party” means any individual or entity other than the user and LegiDesk, including service providers, vendors, partners, integrations, and external platforms. “User”, “you”, or “your” refer to any individual or legal entity that accesses or uses the Platform, whether as an account holder, authorized user, client, collaborator, or representative of an organization. Unless expressly stated otherwise, references to specific categories of services, data, features, or information in this Privacy Policy are illustrative and not exhaustive.
Scope of Application
This Privacy Policy applies to all information collected, received, generated, or otherwise processed by LegiDesk in connection with a user’s access to or use of the Platform, including during account registration, authentication, onboarding, use of features and modules, uploading or managing records and documents, enabling collaboration, communicating with LegiDesk, or otherwise interacting with the Platform.
This Privacy Policy governs the processing of information across all current and future modules, tools, and functionalities offered through the Platform, including but not limited to intellectual property management, docketing, deadline tracking, document storage, renewal monitoring, analytics, reporting, alerts, and collaboration tools, regardless of the user’s subscription plan, usage level, or scale of access.
This Privacy Policy applies solely to the Platform and does not extend to third-party websites, services, applications, or tools that may be linked to, integrated with, or accessed through the Platform. LegiDesk does not control and is not responsible for the privacy practices, data handling, availability, or security measures of such third-party services, and any information shared by users with third parties shall be governed by the policies of those third parties.
Categories of Users Covered
This Privacy Policy applies to all categories of users who access or use the Platform, including law firms, advocates, attorneys, intellectual property professionals, startups, businesses, enterprises, research institutions, innovators, and organizations managing intellectual property assets for themselves or on behalf of third parties.
It also applies to clients, partners, collaborators, employees, and other authorized users who are granted access to the Platform by an account holder through role-based permissions. The nature and extent of access, visibility, and control over information may vary depending on the user’s role, authorization settings, and subscription plan.
Notwithstanding any differences in access rights or usage privileges, all users are bound by this Privacy Policy when accessing or using the Platform. LegiDesk processes information in accordance with the permissions granted by the account holder while maintaining consistent standards of confidentiality, security, and lawful processing across all categories of users.
Information Collected
LegiDesk collects and processes information that is reasonably necessary for the operation, administration, security, and improvement of the Platform. Such information may be provided directly by users, generated through use of the Platform, or collected automatically through technical means when users interact with the Platform. The nature and extent of information collected may vary depending on how a user accesses or uses the Platform and which features or services are enabled.
Information provided directly by users may include account registration details such as name, email address, contact information, professional or organizational details, login credentials, and role-based access preferences. Where the Platform is used by law firms, enterprises, or other organizations, such information may also include details of authorized users, employees, partners, clients, or collaborators who are granted access to the Platform.
Users may upload, enter, store, or manage intellectual property–related information through the Platform, including patent, trademark, design, and copyright records, docket data, deadlines, renewal information, jurisdictional details, correspondence, and related documentation. The accuracy, completeness, and legality of such information are determined solely by the user.
LegiDesk may also collect documents, files, records, and communications uploaded, generated, or exchanged through the Platform using collaboration or document management features. The scope and content of such information depend entirely on user activity and instructions.
In addition, LegiDesk automatically collects certain technical and usage-related information when users access or use the Platform, including internet protocol (IP) address, device identifiers, browser type, operating system, login timestamps, access logs, usage patterns, feature interaction data, and system performance metrics. Such information is collected to maintain Platform functionality, security, and performance, and to improve user experience, in accordance with Applicable Law.
Sensitive and Confidential Information
The Platform is designed to facilitate the management of information that may be sensitive, confidential, proprietary, or legally protected in nature, including intellectual property records, client information, legal documents, privileged communications, and materials subject to professional secrecy or contractual confidentiality obligations.
LegiDesk processes such sensitive and confidential information strictly as a technology service provider and in accordance with user instructions, role-based access permissions, and Applicable Law. Access to such information within the Platform is governed by permissions configured by the account holder, ensuring that only authorized users are able to view, modify, or manage specific data.
All confidential, proprietary, or intellectual property–related information uploaded or stored on the Platform remains the property of the user or the relevant rights holder. LegiDesk does not claim ownership over such information and processes it solely for the purpose of providing, maintaining, and improving the Platform and its services.
LegiDesk implements reasonable technical and organizational safeguards to protect sensitive and confidential information from unauthorized access, disclosure, alteration, or loss. While such measures are designed to align with industry standards and applicable legal requirements, users acknowledge that the confidentiality of information also depends on their own access controls, credential security, and usage practices.
Purpose of Data Collection and Processing
LegiDesk collects and processes information for legitimate, specific, and lawful purposes directly connected with the operation and provision of the Platform. These purposes include enabling account creation and authentication, managing user access and permissions, delivering Platform functionalities, and facilitating the organization and administration of intellectual property portfolios.
Information is processed to support record management, deadline and renewal tracking, document storage, alerts, collaboration among authorized users, reporting, analytics, and centralized visibility of intellectual property assets across jurisdictions. Processing is also undertaken to maintain Platform security, detect and prevent unauthorized access or misuse, perform system monitoring, and ensure operational reliability.
LegiDesk may process information to communicate with users regarding account activity, service-related updates, administrative notices, support requests, and changes to the Platform or applicable policies. Information may further be processed to comply with legal obligations, respond to lawful requests from governmental or regulatory authorities, and protect the rights, safety, and interests of LegiDesk and its users.
LegiDesk may use aggregated or anonymized information for analytical, statistical, research, and development purposes, including to improve Platform performance, enhance existing features, and develop new functionalities, provided such information does not identify individual users.
Legal Basis for Processing
LegiDesk processes information in accordance with Applicable Law and relies on one or more lawful bases for such processing. Where required, information is processed on the basis of user consent, including consent deemed to be provided through voluntary access to and continued use of the Platform in accordance with this Privacy Policy.
Information is also processed where necessary for the performance of contractual obligations between the user and LegiDesk, including the provision of services requested by the user and the operation of features and functionalities made available through the Platform. In certain circumstances, processing may be required to comply with legal obligations or to respond to lawful requests from competent authorities.
Additionally, LegiDesk may process information where such processing is necessary for its legitimate business interests, including maintaining Platform security, preventing misuse, improving services, and ensuring efficient operation of the Platform, provided such interests do not override the rights and freedoms of users under Applicable Law.
Where Sensitive Personal Data or confidential information is processed, LegiDesk applies enhanced safeguards and processes such information strictly within the scope of authorization provided by the user and in compliance with Applicable Law.
Data Storage and Retention
LegiDesk stores and retains information collected through the Platform in a secure digital environment using reliable cloud-based infrastructure and industry-recognized hosting practices. Information is stored only for such duration as is reasonably necessary to fulfill the purposes for which it is collected, to provide the services requested by users, to comply with Applicable Law, and to enforce LegiDesk’s contractual and legal rights.
User data, including intellectual property records, documents, and account-related information, is generally retained for the period during which a user maintains an active account on the Platform, unless a longer retention period is required or permitted under Applicable Law. Upon suspension, termination, or closure of an account, LegiDesk may retain certain information for a limited period for legal, regulatory, audit, dispute resolution, backup, or security purposes, after which such information may be securely deleted, anonymized, or archived in accordance with internal retention policies and Applicable Law.
LegiDesk may maintain encrypted backups of information to ensure business continuity, disaster recovery, and system integrity. Users acknowledge that residual copies of information may persist for a limited duration in backup systems even after deletion or account closure, without being actively accessible, processed, or used for operational purposes, and subject at all times to appropriate security safeguards.
Data Security Measures
LegiDesk implements reasonable and appropriate technical and organizational measures designed to protect information processed through the Platform against unauthorized access, disclosure, alteration, loss, or destruction. Such measures are proportionate to the nature of the data processed and the risks associated with such processing, particularly given the sensitive and confidential character of intellectual property and legal information handled on the Platform.
Security measures may include, among other things, encryption of data at rest and in transit, authentication and access control mechanisms, role-based permissions, access logging, monitoring systems, and internal security protocols intended to prevent unauthorized use or interference with the Platform. Access to user information is restricted to authorized personnel on a need-to-know basis and subject to confidentiality obligations.
While LegiDesk endeavours to maintain security practices consistent with applicable legal requirements and industry standards, users acknowledge that no digital system can be entirely secure. Accordingly, LegiDesk does not guarantee absolute security and shall not be responsible for security incidents arising from factors beyond its reasonable control, including user conduct, credential compromise, or vulnerabilities in third-party systems or networks.
User Confidentiality and Client Privilege
LegiDesk recognizes that the Platform may be used by legal professionals, enterprises, and organizations to manage information that is subject to professional secrecy, confidentiality obligations, and client–advisor privilege. LegiDesk processes such information strictly as a technology service provider acting on the instructions of the user and does not assume any advisory, fiduciary, or professional role.
Information uploaded, stored, or shared on the Platform remains under the control of the user, and LegiDesk does not review, monitor, or access such information except to the extent reasonably necessary to provide the Platform’s services, ensure system security, comply with Applicable Law, or respond to lawful requests from competent authorities.
LegiDesk does not claim any rights over user content, intellectual property records, or client data and does not disclose such information to third parties except as expressly permitted under this Privacy Policy or as required by law. The confidentiality of user and client information is preserved through technical safeguards, access restrictions, and operational controls implemented across the Platform, subject always to the user’s own responsibility to manage access and permissions appropriately.
Data Sharing and Disclosure
LegiDesk does not sell, rent, or trade user information. Information processed through the Platform is shared only in limited circumstances and solely for purposes consistent with this Privacy Policy and Applicable Law.
LegiDesk may share information with trusted third-party service providers, vendors, or partners who support the operation, maintenance, security, or enhancement of the Platform, including cloud hosting providers, communication service providers, analytics services, and technical support vendors. Such third parties are engaged under contractual arrangements that require them to process information only on LegiDesk’s instructions, maintain confidentiality, and implement appropriate security measures.
Information may also be disclosed where required to comply with Applicable Law, enforce legal rights, respond to lawful requests from governmental or regulatory authorities, or protect the rights, property, or safety of LegiDesk, its users, or the public. In the event of a merger, acquisition, restructuring, or transfer of assets, user information may be transferred as part of such transaction, subject to continued protection in accordance with this Privacy Policy.
Except as expressly stated herein, LegiDesk does not disclose user information to third parties without appropriate authorization or a lawful basis.
Third-Party Services and Links
The Platform may contain links to, or enable integrations with, third-party websites, services, tools, software, or applications that are not owned, operated, or controlled by LegiDesk. Such third-party services may include, without limitation, payment processors, communication tools, analytics services, cloud infrastructure providers, government or registry portals, or other external platforms that users may choose to access in connection with their use of the Platform.
LegiDesk does not control and is not responsible for the availability, functionality, accuracy, content, privacy practices, data handling policies, or security measures of any third-party services. Any information shared by a user with such third parties is governed solely by the terms, conditions, and privacy policies of those third parties, and users access or rely upon such services at their own discretion and risk.
The inclusion of any third-party link or integration on the Platform does not constitute or imply any endorsement, approval, representation, or warranty by LegiDesk. LegiDesk shall not be liable for any loss, damage, disruption, or consequence arising from a user’s access to, use of, or reliance upon any third-party service, including any acts, omissions, errors, delays, or failures attributable to such third parties.
Cookies and Tracking Technologies
LegiDesk may use cookies and similar tracking technologies to enable essential Platform functionality, enhance user experience, support authentication and session management, maintain system security, and monitor performance. Cookies are small data files stored on a user’s device that allow the Platform to recognize user sessions and facilitate smooth navigation across features and modules.
The cookies used by LegiDesk are primarily functional and operational in nature and are not intended to collect unnecessary personal information or to engage in intrusive tracking unrelated to the operation of the Platform. Any use of cookies or similar technologies is undertaken in accordance with Applicable Law.
Users may manage or disable cookies through their browser or device settings. However, users acknowledge that disabling cookies may affect the availability, performance, or functionality of certain features of the Platform. By continuing to access or use the Platform without disabling cookies, users consent to the use of cookies and similar technologies as described in this Privacy Policy.
User Rights
Subject to Applicable Law, users may have certain rights in relation to the personal data processed by LegiDesk. Such rights may include the right to request access to personal data, seek correction or updating of inaccurate or incomplete information, request deletion or restriction of processing, and withdraw consent where processing is based on consent, subject to legal, contractual, and operational limitations.
Users may exercise their rights by submitting a request through the contact details made available by LegiDesk. LegiDesk shall respond to such requests within a reasonable timeframe and in accordance with Applicable Law, after verifying the identity and authority of the requester to ensure protection against unauthorized access or misuse.
Notwithstanding the foregoing, LegiDesk may retain or continue to process certain information where such retention or processing is necessary to comply with Applicable Law, fulfill contractual obligations, resolve disputes, enforce legal rights, maintain security and audit records, or prevent fraud or misuse. The exercise of user rights shall not prejudice LegiDesk’s lawful rights or obligations under Applicable Law.
User Responsibilities
Users are responsible for ensuring that all information provided to or processed through the Platform is accurate, complete, lawful, and up to date. Users must ensure that they have all necessary rights, permissions, consents, and authority to upload, store, process, or share any data, documents, or content through the Platform, including intellectual property records, client information, and confidential materials.
Users are responsible for maintaining the confidentiality and security of their account credentials and for all activities carried out through their account. Users shall promptly notify LegiDesk of any unauthorized access, suspected security breach, or misuse of their account.
Users shall use the Platform in compliance with Applicable Law and shall not attempt to gain unauthorized access to the Platform, interfere with its operation, bypass security measures, probe or test vulnerabilities, reverse engineer any part of the Platform, or engage in any activity that may compromise the security, integrity, or availability of the Platform or the data processed through it.
LegiDesk shall not be responsible for any loss, disclosure, damage, or consequence arising from a user’s failure to comply with their responsibilities under this Privacy Policy, including misuse of the Platform, failure to safeguard credentials, or unauthorized sharing of access rights.
International Data Transfers
LegiDesk may store, process, or access information on servers or infrastructure located within or outside India, including through cloud service providers, technical partners, or affiliates engaged for the operation and maintenance of the Platform. Where information is transferred or accessed across national borders, LegiDesk takes reasonable steps to ensure that such transfers are carried out in accordance with Applicable Law and subject to appropriate contractual, technical, and organizational safeguards.
By accessing or using the Platform, users acknowledge and consent to the transfer, storage, and processing of their information in jurisdictions outside their country of residence, provided that such processing is undertaken in compliance with this Privacy Policy and applicable legal requirements. Users further acknowledge that data protection laws and standards may vary across jurisdictions.
Age Restrictions
The Platform is intended for use by professionals, organizations, and entities engaged in intellectual property management and related activities and is not designed for use by individuals below the age of eighteen years. LegiDesk does not knowingly collect, solicit, or process personal data of minors.
If LegiDesk becomes aware that personal data of a minor has been inadvertently collected or processed, it shall take reasonable steps to delete such information from its records, unless retention is required under Applicable Law. Users are responsible for ensuring that no information relating to minors is uploaded, shared, or processed through the Platform in violation of Applicable Law.
Changes to This Privacy Policy
LegiDesk reserves the right to modify, amend, or update this Privacy Policy from time to time to reflect changes in Applicable Law, regulatory requirements, business practices, technological developments, or the nature of the services offered through the Platform.
Any changes to this Privacy Policy shall become effective upon publication of the revised version on the Platform, unless otherwise stated. Users are encouraged to review this Privacy Policy periodically. Continued access to or use of the Platform after the effective date of any changes shall constitute acceptance of the updated Privacy Policy.
Governing Law and Jurisdiction
This Privacy Policy shall be governed by and construed in accordance with the laws of India.
Subject to Applicable Law, any dispute, claim, or controversy arising out of or relating to this Privacy Policy, including its interpretation, validity, or enforcement, shall be subject to the exclusive jurisdiction of the competent courts in India.
Grievance Redressal and Contact Information
In accordance with Applicable Law, LegiDesk has established a grievance redressal mechanism to address user concerns, complaints, or queries relating to the processing of information under this Privacy Policy. Users may raise grievances or seek clarifications by contacting LegiDesk through the contact details made available on the Platform or as otherwise notified from time to time.
LegiDesk shall make reasonable efforts to acknowledge and address grievances within the timelines prescribed under Applicable Law. Users are encouraged to provide complete, accurate, and relevant information while submitting grievances to facilitate timely review and resolution. The grievance redressal mechanism is intended to address data protection–related concerns and does not limit or prejudice any other contractual, statutory, or legal remedies available to LegiDesk or users under Applicable Law.
Consent and Acknowledgment
By accessing, registering on, or using the Platform in any manner, the user acknowledges that they have read and understood this Privacy Policy and agree to the collection, processing, storage, use, disclosure, and protection of information in accordance with its terms and Applicable Law.
Where consent is required to be obtained expressly under Applicable Law, such consent shall be deemed to have been provided by the user through voluntary access to and continued use of the Platform after being made aware of this Privacy Policy. If a user does not agree with this Privacy Policy or withdraws consent where permitted under Applicable Law, the user must discontinue use of the Platform, subject to any legal or contractual obligations that require continued processing or retention of information.