Privacy Policy
Updated as of: December 2024
LawPay is an affiliate and brand of AffiniPay, LLC. All references to AffiniPay include LawPay and its Sites.
This Privacy Policy (the "Policy") explains how AffiniPay, LLC and our affiliated companies and brands, including AffiniPay, LawPay, CPACharge, MyCase, Docketwise, Woodpecker, ClientPay, AffiniPay for Associations, MedPay, and CasePeer (together, "AffiniPay," "us," or "we"), collect, process, disclose, and protect your Personal Information. Personal Information is any information that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. This Privacy Policy includes information about your privacy rights under certain laws and how you can exercise those rights. We have included supplemental information for California Consumers, including employees in California.
AffiniPay, LLC operates the website www.affinipay.com and various brand websites for our affiliated companies above, including those linked on our AffiniPay, LLC website (the "Sites"), and provides related services as described on the Sites (together with the Sites, the “Services”). This Privacy Policy applies to your use of the Services to the extent AffiniPay collects your Personal Information. Our Customers may collect information from their clients or End Users. Such information is subject to the privacy policies or practices of each Customer.
Please read this Privacy Policy carefully. By accessing and using the Services, you accept and agree to be bound by this Privacy Policy. The Services are intended for individuals 18 years or older; if you are under 18, you are not permitted to use the Services for any reason. Additional information can be found in Section 9 below.
If you have questions about this Privacy Policy, please contact us as outlined at the end of this Privacy Policy.
Scope
This Privacy Policy governs the access and use of our Services by different users, including:
- Customers and Prospective Customers, and their Representatives. To the extent an AffiniPay Customer or prospective customer, or its representative, provides their own Personal Information as part of account management, this Privacy Policy applies.
- End Users. End Users are individuals associated with Customers who use the Services, at the direction of a Customer, to make payments to Customer or to allow Customers to manage their cases. AffiniPay does not have a direct, legal relationship with these End Users, but we may collect and process Personal Information from End Users to process payments or provide the Services to Customers. AffiniPay is a data processor or “service provider” (as those terms are understood under applicable law) with respect to such End User-submitted Personal Information.
Information We Collect
Representatives of Customers may provide Personal Information to us, generally in the form of business to business contact information. End Users may provide Personal Information to our Customers, who may share this Personal Information with us to provide Services. Or, End Users may provide Personal Information directly to us when accessing or using Services, including when requesting information on our Site, submitting a payment, or registering for a promotion. We may also collect Personal Information about you from third parties, including third-party sites and advertisers, as discussed below.
We may collect and use the following categories of Personal Information, either directly or on behalf of our Customers and their Representatives:
Categories of Personal Information Collected | Purpose of Collection |
---|---|
General Identifiers: real name, alias, postal and email address, telephone number, photo, date of birth, unique personal identifiers, online identifiers (i.e. login, password), Internet Protocol (“IP”) address, device identifiers, job title, function, and/or professional memberships account credentials, or other similar identifiers. | We and our Customers may use this Personal Information to establish and maintain your account, to verify your identity, to fulfill the reason you provided the data (e.g., respond to an inquiry or manage a legal case), to send you information and promotional materials related to the Services, and to improve our Services and to develop new Services. We may also use this information to notify you of any changes to relevant agreements, policies, or other terms, and to enforce such terms, and to comply with legal obligations, court orders, or to exercise or defend against any legal claim, or in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets. |
Payment Information: information collected when processing a payment or storing payment data in a vault or wallet, including billing data, credit or debit card data, ACH or bank data, and other details related to payments by Customers and End Users or their respective financial account information. Payment data may be considered sensitive Personal Information. | We and our Customers use this Personal Information to process and complete payments submitted through our Services and to facilitate and expedite any future payments you authorize. We may also use this information to enforce and protect our rights, including as needed in dispute resolution. We may use limited and/or de-identified payment information for reporting, and to develop and improve our Services, provided, however, that such processing shall not include unmasked account numbers or payment credentials. |
Information for Identity Verification: information that can be used to verify your identity, such as your social security number, tax identification number, images of your driver’s license, government issued ID, passport, national ID card, birthdate, and other authentication information. | We use this information to (a) maintain the safety, security, and integrity of our Services, databases and other technology assets, (b) provide background and screening services, (c) fulfill “know your customer” processes that are required for certain payment services, (d) complete underwriting and account maintenance, (e)enable you to make and receive payments, (f) prevent or investigate fraud, or for risk management purposes, and (g) comply with other regulatory requirements. |
Credit application data: information collected when you apply for the LawPay Visa® Business Card or any other business credit-related product or service we may offer from time to time, which may include identifiers like credit history, bankruptcy history, tax identification number, account balances and data, and other details related to your application for and use of such products or services. | We use this information to (a) maintain the safety, security, and integrity of our credit-related Services, databases and other technology assets, (b) determine your firm’s creditworthiness and otherwise evaluate your application, (c) complete underwriting and account maintenance, (d) comply with applicable law, network rules, and requirements of the financial institution who issues the LawPay Visa® Business Card or any other credit product. |
Customer Records: information you provide when you contact us with an inquiry, participate in our communities, or otherwise interact with us, including your name and contact information, your job function, your comments or inquiry, and account details. | We use this information to respond to your inquiries and for billing and transaction purposes in connection with providing our Services. We may also use this information to enforce and protect our rights, including as needed in dispute resolution. |
Commercial Information: commercial information including products and Services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | We use this information to manage your account with us, market and improve our services and to develop new Services. |
Information we Collect from Other Entities: we may also collect information from other sources such as our data analytics service providers and advertising providers, or information about you from publicly available sources. | We use this information to help us provide our Services, tailor our communications to you, market our Services, and to improve our Services and to develop new Services. |
Audio, Electronic, Visual, or Similar Information: audio, electronic, video, visual, or similar information. For example, if you contact us, we may have dictation software create a transcript and/or retain a copy of that call recording. When you interact with the chat function that we make available on our website, AffiniPay and our service providers may record and have access to the communications for providing you customer service and improving consumer interactions with AffiniPay. Use of the chat function constitutes consent to be recorded. | We use this information for internal training purposes, to improve Customer and End User experience and communication, to market and improve our Services and to develop new Services. |
Information We Collect Automatically: we may use cookies, web beacons, or other technologies to collect certain information about visitors to and users of our Sites. We automatically collect certain information from you, such as the type of web browser and operating system you use, the name of your Internet Service Provider, Internet Protocol (“IP”) address, software version, geolocation information, the domain name from which you accessed our Sites, and information about your browsing behavior. | We use this information to tailor our Services and enhance your online experience and to help us identify and deliver features, advertisements, and offers that may be of particular interest to you. We may also use this Personal Information to market and improve our services and to develop new Services. |
Inferences: drawn from the information collected, including preferences, characteristics, behavior, attitudes, and aptitudes. | We use this information to tailor our Sites and enhance your online experience and to help us identify and deliver Sites features, advertisements, and offers that may be of particular interest to you. We also use this information to provide, support, and develop our Human Resources programs and systems. We may also use this Personal Information to improve our Services and to develop new Services. |
Sensitive Personal Information within meaning of applicable law, which may include certain identifiers like Social Security number, Driver's License number, or other government issued identification. | We only use and disclose Sensitive Personal Information as necessary in connection with the performance and Services, to comply with federal, state, or local laws, to prevent, detect, and investigate security incidents, to fight fraud and other illegal acts, for short-term, transient use, to maintain the quality of our Services, and to improve, upgrade, or enhance the Services. . |
Information Customers Choose to Share with us as Inputs while using our IQ Features: when Customers use our AI‐powered IQ services (MyCase IQ, Docketwise IQ, etc.), the Customer chooses which information it submits to the platform to be processed by its Large Language Model (LLM) provider. Based on our Customer base, such information may include Sensitive Personal Data relating to cases managed by such Customer. | We use and disclose this information as necessary in connection with the performance, development, and improvement of Services, and to comply with federal, state, or local laws. |
In addition, we may use third‐party service providers for various functions, including to deliver communications to you or to administer promotions and surveys on our behalf. Your participation in any promotions or surveys is strictly voluntary, and you may be asked about your opinions, ideas, experience, and purchase history. We use this information to better understand customer needs and improve the customer experience and our Services.
There may be links to Third Party websites and services on our Sites. Such links do not constitute an endorsement by us of those other websites, their content or services, or the persons or entities associated with those websites. This Privacy Policy does not apply to third-party websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies and terms of all third-party websites or services that you may visit.
If you choose to access, visit, or use any third-party site or service integrated with our Sites, we may receive your Personal Information that you have made available to those sites. For example, some social networking services allow you to push content from our Sites to your contacts or to pull information about your contacts so you can connect with them on or through our Sites. Your decision to use a third-party site or service in connection with our Services is voluntary.
We may also use third-party tools that capture and disclose data automatically. For example, we use “Google reCAPTCHA” (“reCAPTCHA”) when providing payment processing services to our clients. reCAPTCHA is used to combat fraud and verify that data has been entered by our users rather than an automated program. This entails collecting Persona Data and usage information, which is then shared with Google to confirm that data is not being entered by an automated program. For more information about Google reCAPTCHA and Google’s privacy policy, please visit https://policies.google.com/privacy and https://policies.google.com/terms.
How We Disclose Information
We may disclose Personal Information to the following categories of third parties:
- Corporate affiliates, including corporate parents, subsidiaries, other affiliated entities, and associated entities for the purposes described in this Privacy Policy. Affiliates are required to treat the information in accordance with this Privacy Policy.
- Service providers help us administer, provide, maintain, develop, improve, advertise, and market the Services. Certain service providers may contact you about products or services you may be interested in, or they may provide personalized and tailored advertising services or make available certain features, as permitted by law, including by using select information collected automatically through our Sites. We also work with such providers to match information we hold with their information to tailor advertising to your interests. We may provide certain reports including de-identified and/or aggregated Personal Information to service providers who help us maintain, market, and improve the Services. Service providers may not use your Personal Information for any other reason than providing or marketing the Services as described herein, and services providers must have appropriate safeguards to protect your Personal Information. In addition, certain business partners may also receive basic business contact information or deidentified usage data to offer or provide their services, such as integrated features. In all cases, we do not disclose your personal information to these third parties for monetary compensation, and you may opt out as detailed below.
- Parties you directly authorize to provide or receive the applicable Information, such as when you request that we process a payment. The use of your Personal Information by an authorized third party is subject to the third party’s privacy policy, and AffiniPay is not responsible for the third party's actions or policies.
- Third-party entities in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock, including in connection with any bankruptcy or similar proceedings. In such cases, AffiniPay will require the recipient to use Personal Information it receives in accordance with this Privacy Policy.
- As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety, or property, and that of our affiliates, you, and others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; and (v) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.
- Pursuant to your express consent.
- All the above categories exclude text messaging originator opt‐in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.
Your Rights and Choices
Depending on your place of residence, you may have certain rights related to the collection and processing of your Personal Information. The rights vary but may include:
- Right to know whether, and for what purposes and from what source, we collect and process your Personal Information.
- Right to access, modify, or correct your Personal Information.
- Right to know with whom we have shared your Personal Information, for what purpose, and what Personal Information has been shared.
- Where processing of Personal Information is based on consent, the right to withdraw your consent to such processing.
- Right to opt-out of the sale or sharing of your Personal Information.
- Right to object to decisions based on profiling or automated decision-making that produce legal or similarly significant effects on you.
- Right to restrict the processing of your Personal Information or object to processing of your Personal Information carried out pursuant to (i) our legitimate interest or (ii) performance of a task in the public interest.
- Right to data portability, which means that you can request that we provide certain Personal Information about you in a machine-readable format.
- Right to erasure or the right to be forgotten, which means that you can request deletion or removal of certain Personal Information we process about you.
- Right to appeal the decisions we make regarding the processing of your Personal Information. You may exercise this right be replying to the correspondence you receive from us, or by contacting us at the address listed at the end of this Privacy Policy.
- Right to lodge a complaint with a regulator located in the jurisdiction of your residence, place of work, or where an alleged violation of law occurred.
You may exercise these rights, to the extent they apply to you, by contacting us as outlined at the end of this Privacy Policy. Note, however, that we may request certain reasonable additional information, that may include Personal Information, to help us authenticate your identity and to clarify or understand the scope of the request. If you are an End User, please contact the business (e.g., the law firm or CPA firm) that has directed us to process your Personal Information. As a service provider, we can only process such request with the business's consent.
You also have choices about how we communicate with you and how we process certain Personal Information about you. You may opt out of receiving marketing or other communications from us at any time by following the unsubscribe instructions provided in any email that you receive from us or by contacting us as provided at the end of this Privacy Policy. If you opt-out of receiving email from us or otherwise modify the nature or frequency of promotional communications, it may take up to ten (10) business days for us to process your request and you may continue to receive promotional communications from us during that period. You will continue to receive administrative messages regarding our Services or transactions you have entered into with us, even after opting-out of promotional communications. You also have the right to opt out of cookie collection by scrolling to the bottom of any of our web pages and clicking “Cookies.” Most web browsers automatically accept cookies, but you can usually modify this in your browser’s settings. If you opt out of cookie collection, you may be prevented from taking full advantage of our Services.
Information Security
We take reasonable steps to safeguard your Personal Information. Our platforms and payment processor partners comply with the Payment Card Industry Data Security Standard. We also have security features built into the system for our Customers and End Users, including cryptography, encryption of sensitive information, quarterly scans, annual system audits, and specific security controls around payment data.
Unfortunately, transmission of information via the Internet is never wholly secure, and we cannot guarantee or warrant the security of your Personal Information transmitted to or through our Services or otherwise provided to us, and we are not responsible for the theft, destruction, or inadvertent disclosure of such Personal Information. It is your responsibility to safeguard any passwords, ID numbers, or other special access features associated with your use of the Services. Any transmission of Personal Information by you is at your own risk.
If you have any questions about the security on our Services, or if you become aware of any unauthorized use of an account, loss of your account credentials, or suspect a security breach, notify us immediately through the contact details provided at the end of this Privacy Policy. If our security system is breached, we will notify you of the breach to the extent required under applicable law.
Information Retention
We retain the Personal Information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purposes for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
Cross-Border Information Transfers
We may transfer Personal Information to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers.
Children’s Privacy
We do not provide Services to, or knowingly request or solicit Personal Information from, anyone under the age of 13. If we learn that we have collected Personal Information from anyone under the age of 13 without verifiable parental consent, we will delete that information as quickly as is practical. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Services.
Changes in the Privacy Policy
We may modify and update this Privacy Policy from time to time by posting an amended version on our Sites. Please refer to this Privacy Policy regularly.
How to Contact Us
If are not an End User and you wish to exercise any privacy rights applicable to you, please follow this link and provide the requested information. If you are an End User, please contact the business (e.g., the law firm or CPA firm) that has directed us to process your Personal Information. As a service provider, we can only process such request with the business's consent. If you have any questions or comments about how we collect or use your Personal Information, or you wish to exercise any applicable rights through another method, please contact us at: privacy@affinipay.com. Please note, however, that we may request certain reasonable additional information, that may include Personal Information, to help us authenticate your identity and to clarify or understand the scope of the request.
Supplement for California Consumers
AffiniPay is required to provide additional notice to End Users and Customers residing in California under the California Consumer Privacy Act and the California Privacy Rights Act (together, the "California Privacy Law"). We have included this California-specific information below.
Personal Information. Consistent with Section 2 above, within the past 12 months we collected the categories of Personal Information listed from California residents. In addition, we may collect from employees: (i) the personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) that is not already listed above, including insurance policy number, education, employment history, and medical information; and (ii) protected classification characteristics under California or federal law, include but not limited to race, national origin, religion, marital status, medical condition, disability, sexual orientation, veteran or military status, and genetic information.
Sources. AffiniPay obtains the categories of Personal Information listed above from the following categories of sources: (i) Directly from you, e.g. from information you provide through the Sites and Services and through any payments or transactions, or through any correspondence, such as when you request to receive information or support; (ii) Indirectly from you, e.g. from observing your actions on our Sites through the use of automated data collection tools or through our Customers acting on your behalf if you are an End User; or (iii) from our third-party service providers, e.g., through their independent collection efforts, or through your interactions with third-party platforms and partners, including through our integrations with them.
Deidentified Information AffiniPay is committed to maintaining and using any deidentified (as defined under California Privacy Law) information we possess in deidentified form, and to avoid attempting to reidentify such deidentified information.
Disclosure of Information: We may disclose your Personal Information as described in this Privacy Policy.
Retention. See Section 6 above for more information about our retention of your Personal Information.
California Consumer Rights. Subject to certain exceptions, as a California resident, you have the right to:
- Request to know and/or access the Personal Information we have collected about you, including specific pieces of the Personal Information we have collected about you.
- Request deletion of your Personal Information.
- Request information about the Personal Information about you that we have shared (as such term is defined under California Privacy Law) to third parties.
- Request the correction of inaccurate Personal Information.
- Request the categories of your Personal Information disclosed for a business purpose.
- Request information about the categories of your Personal Information about you that we have shared or sold within the past 12 months and the categories of third parties to whom your Personal Information was shared or sold.
- Opt-out of the sale or sharing of your Personal Information.
Other California Privacy Rights. California Civil Code Section 1798.83 permits California residents to request and obtain a list of any of their Personal Information we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by contacting us at the details provided below.
Exercising your California consumer rights. Should you wish to request the exercise of your rights as detailed above with regard to your Personal Information, please contact us as set forth below. We will not discriminate against you by offering you different pricing or products or by providing you with a different level or quality of products, based solely upon this request. Please note that you are limited by law in the number of requests you may submit per year. In some instances, we may decline to honor your request. For example, we may decline to honor your request if we cannot verify your identity or confirm that the Personal Information that we maintain relates to you. To verify your requests, we ask that you provide information required to match the request with the consumer about whom information has been collected or utilize the authentication practices for your password-protected account. We verify requests by matching information you provide to information that we maintain in our records. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. In other instances, we may decline to honor your request where an exception under California Privacy Laws applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer.
Authorized Agent. You also have the option of designating an authorized agent to exercise your rights on your behalf. To authorize an agent to act on your behalf with respect to the rights contained in this Privacy Policy, we may require proof from the agent that you have provided the authorized agent written permission to do so, and we may require that you verify your own identity directly with us. If you have provided the agent with power of attorney, that may be sufficient.
Contact. If you are not an End User, you may exercise any applicable privacy rights by visiting this link and providing the requested information. If you are an End User, please contact the business (e.g., the law firm or CPA firm) that has directed us to process your Personal Information. As a service provider, we can only process such request with the business's consent. If you have any general questions or comments about how we collect or use your Personal Information, or you wish to exercise any applicable rights through another method, please contact us at: privacy@affinipay.com. Please note, however, that we may request certain reasonable additional information, that may include Personal Information, to help us authenticate your identity and to clarify or understand the scope of the request.