Privacy Policy

UrLawHero is a Cyprus-based legal service platform providing customizable legal documents (e.g. NDAs, employment contracts, rental agreements). We act as the Data Controller for the personal data you submit to us. For all data protection matters, you can contact us at: urlawhero@gmail.com

We only collect data strictly necessary to fulfill the service you request. This may include: • Full name, email, phone number • Identification numbers (ID/passport, company reg. no., tax ID) • Address or location info • Contract-related content (e.g. names of parties, clauses, deadlines) • Payment information (via secure processors) • IP address, browser, and usage data In some cases, you may voluntarily provide special categories of personal data (e.g. health, race, union membership) when they are required to complete a legal document. In such cases, we will seek explicit consent before processing.

We process your personal data: • To prepare, generate, and deliver legal documents • To process payments and send order confirmations • To provide customer support or follow-ups • To comply with legal obligations (e.g. AML, tax reporting) • To maintain security and detect/prevent fraud • With your consent, to send you updates or legal content (opt-in only) We do not use your data for automated decision-making or profiling.

Under GDPR (Art. 6 and 9), we process your data based on: • Consent (Art. 6.1.a / 9.2.a) for marketing and special category data • Contract performance (Art. 6.1.b) to deliver requested documents • Legal obligation (Art. 6.1.c) to comply with AML or tax law • Legitimate interest (Art. 6.1.f) to improve services and protect platform security. You may withdraw your consent at any time without affecting the lawfulness of prior processing.

We retain your personal data only as long as necessary for: • Fulfilling your contract • Complying with legal requirements (e.g. 5-year AML data retention) • Resolving disputes or enforcing our terms Once no longer needed, your data will be securely deleted.

We implement appropriate technical and organizational measures in line with GDPR Article 32, including: • SSL encryption • Role-based access controls • Secure cloud infrastructure with EU-based servers • Internal confidentiality policies and staff training In the event of a data breach, we will notify the supervisory authority and affected individuals where required.

We may share your personal data only with: • Our internal legal experts • Trusted service providers (hosting, payment processors) • Legal or regulatory authorities, if required • Our group companies or subcontractors, under GDPR-compliant contracts We do not sell or rent personal data under any circumstances.

If your data is transferred outside the EEA, we ensure: • Transfers are made to countries with an EU adequacy decision or • Standard Contractual Clauses (SCCs) or other approved mechanisms are used

You have the right to: • Access your data (Art. 15) • Rectify inaccuracies (Art. 16) • Request erasure ("right to be forgotten") (Art. 17) • Restrict processing (Art. 18) • Object to processing (Art. 21) • Data portability (Art. 20) • Withdraw consent at any time (Art. 7.3) • Lodge a complaint with the Cyprus Data Protection Commissioner To exercise any of these rights, email: urlawhero@gmail.com

We use cookies for: • Basic website functionality • Security and fraud prevention • Optional analytics (with consent) You can control cookies via your browser or opt out via our cookie banner.

While we take all reasonable steps to secure your data, we are not liable for: • Any third-party misuse beyond our control • Client-provided data inaccuracies • Circumstances arising from client failure to follow security guidelines This policy is not a substitute for legal advice or full representation.

We may update this policy to reflect legal changes or improvements. The revised version will be published on this page with the updated date. Significant changes may be emailed to you.

If you choose to contact us via email, we may process your personal data for the purpose of responding to your inquiry. We rely on our legitimate interest under GDPR Article 6(1)(f) to do so, and we assume that by initiating the contact, you consent to this limited processing. For more details, see our Terms and Conditions.

UrLawHero urlawhero@gmail.com www.urlawhero.com