Privacy Policy

Comprehensive data protection and privacy practices in compliance with GDPR, CCPA, and federal regulations

Data Protection Shield

Advanced Data Protection

Industry-leading security measures to protect your sensitive information

GDPR CCPA Compliance

Regulatory Compliance

Full compliance with GDPR, CCPA, and all applicable privacy regulations

Secure Data Storage

Secure Data Storage

Encrypted servers and secure data handling procedures for maximum protection

1. Information We Collect

Effective Date: September 2, 2025

Personal Information Categories (CCPA Compliance)

  • Identifiers: Name, postal address, phone number, email address, IP address
  • Protected Classifications: Age, medical condition information
  • Commercial Information: Records of services, consultation history
  • Internet Activity: Browsing behavior, search history, website interaction
  • Geolocation Data: Approximate location based on IP address
  • Sensitive Personal Information: Health condition details, government ID numbers

Sources of Information

  • Direct submissions through forms and consultations
  • Third-party lead generation partners and affiliates
  • Public records and databases
  • Marketing and advertising partners
  • Analytics and tracking services

2. How We Use Your Information

Primary Purposes

  • Legal Consultation Services: Connecting you with qualified attorneys
  • Case Evaluation: Assessing eligibility for compensation claims
  • Communication: Contacting you about your case and providing updates
  • Marketing: Providing information about legal services and opportunities
  • Compliance: Meeting legal and regulatory requirements

HIPAA-Compliant Medical Information Handling

When handling medical information, we comply with HIPAA regulations and only process information necessary for legal consultation purposes. We obtain appropriate authorizations for marketing communications involving protected health information.

3. Information Sharing and Disclosure

Third-Party Recipients

  • Legal Partners: Qualified attorneys and law firms for case evaluation
  • Service Providers: Technology vendors, analytics providers, communication services
  • Marketing Partners: Advertising networks and lead generation companies
  • Government Agencies: When required by law or legal process

Sale and Sharing of Personal Information (CCPA Notice)

We may share personal information with marketing partners and legal networks for business purposes. California residents have the right to opt-out of the sale or sharing of personal information. Click here to opt-out or use the "Do Not Sell or Share My Personal Information" link.

4. Data Retention

Retention Periods by Category

  • Contact Information: 7 years from last interaction
  • Medical Information: 10 years in compliance with healthcare record requirements
  • Marketing Data: 3 years from collection date
  • Website Analytics: 26 months (Google Analytics default)
  • Legal Case Information: Permanently (legitimate legal interest)

We retain personal information for the minimum period necessary to fulfill stated purposes, comply with legal obligations, and resolve disputes.

5. Your Privacy Rights

California Consumer Privacy Act (CCPA) Rights

  • Right to Know: Information about categories and specific pieces of personal information
  • Right to Delete: Deletion of personal information (subject to legal exceptions)
  • Right to Correct: Correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of sale or sharing of personal information
  • Right to Limit: Limit use of sensitive personal information
  • Right to Non-Discrimination: Equal treatment regardless of privacy choices

GDPR Rights (EU Residents)

  • Access: Obtain copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Delete your personal data ("right to be forgotten")
  • Data Portability: Receive data in a structured, machine-readable format
  • Object: Object to processing for direct marketing purposes
  • Restrict Processing: Limit how we process your data

How to Exercise Your Rights

Email: help@covidinjury.com
Phone: 1-800-COVID-LAW
Mail: COVID Injury Network Privacy Department
Response Time: 45 days (may be extended by 45 days with notice)

6. Opt-Out and Communication Preferences

TCPA Compliance and AI-Powered Communications

In compliance with the 2025 TCPA regulations and FCC rulings on AI-generated communications:

AI Communication Disclosure

We may use artificial intelligence technology, automated dialing systems, and pre-recorded messages to contact you. By providing your phone number, you consent to receive marketing calls using these technologies. You have the right to opt-out at any time.

Opt-Out Methods

  • Text Messages: Reply "STOP" to any text message
  • Phone Calls: Request removal during any call or call 1-800-COVID-LAW
  • Email: Use unsubscribe links or email help@covidinjury.com
  • All Communications: Complete our Do Not Contact Form

Processing Time: Opt-out requests will be processed within 10 business days as required by TCPA regulations.

7. Security Measures

Data Protection Safeguards

  • Encryption: AES-256 encryption for data in transit and at rest
  • Access Controls: Multi-factor authentication and role-based access
  • Regular Audits: Quarterly security assessments and penetration testing
  • Staff Training: Regular privacy and security training for all personnel
  • Incident Response: 24/7 monitoring and response procedures

Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by applicable law and provide detailed information about the incident and protective measures taken.

8. International Data Transfers

We may transfer your personal information to countries outside your country of residence. For EU residents, we ensure adequate protection through:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for approved countries
  • Binding Corporate Rules where applicable

9. Changes to This Privacy Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated through:

  • Email notification to registered users
  • Prominent notice on our website
  • Updated "Effective Date" at the top of this policy

Continued use of our services after policy changes constitutes acceptance of the updated terms.

10. Contact Information

For privacy-related questions, concerns, or requests:

COVID Injury Network Privacy Department
Email: help@covidinjury.com
Phone: 1-800-COVID-LAW
Response Time: 45 days maximum

EU Representative (GDPR):
Email: help@covidinjury.com

California Consumer Privacy Rights:
Toll-Free: 1-800-CCPA-LAW
Online Form: Submit Privacy Request