Privacy Policy

Effective Date: May 11, 2026

Last Updated: May 11, 2026

Quick summary

We're a Pennsylvania law firm focused on corporate and IP work for builders and founders. This policy explains what we collect, why, and what rights you have.

Short version:

  • We collect information you give us through forms, intake, and engagement, plus standard website analytics.

  • We use it to provide legal services, run our business, and communicate with you.

  • We use AI and automation throughout our practice under provider agreements that prohibit training on our data and limit how long it's retained.

  • We don't sell your personal information.

  • You have rights to access, correct, delete, and limit how we use your data, depending on where you live. Email privacy@nerdlawyer.ai to exercise them.

  • Submitting a form on this site does not create an attorney-client relationship.

1. About this policy and who we are

This Privacy Policy describes how Nerd Lawyer Entrepreneur Services, LLC ("NLES," "we," "us," "our") collects, uses, shares, and protects personal information when you:

  • visit our websites — including nerdlawyer.ai, dispatch.nerdlawyer.ai, and portal.nerdlawyer.ai (collectively, the "Sites");

  • interact with us through forms, email, or other communications; or

  • receive legal services from us (the "Services").

We are a Pennsylvania-based law firm. Our practice is governed by the Pennsylvania Rules of Professional Conduct, including Rule 1.6 (confidentiality) and Rule 1.18 (duties to prospective clients). This policy is in addition to — not in place of — those professional obligations. Where any provision of this policy conflicts with our professional obligations, those obligations control.

If you have questions, contact us at privacy@nerdlawyer.ai.

2. No attorney-client relationship through this site

Submitting a contact form, intake questionnaire, or any other communication through our Sites does not, by itself, create an attorney-client relationship. An attorney-client relationship is formed only when we have completed conflict checks, agreed in writing to represent you, and you have signed a written engagement agreement.

Do not send us confidential or privileged information through web forms or unencrypted email before an engagement is in place. Information you submit to us before engagement may not be protected by attorney-client privilege.

3. Information we collect

Information you provide directly

When you contact us, complete an intake form, request information, register for an event, or engage us for legal services, you may provide:

  • Identifiers (name, email, phone number, mailing address)

  • Professional information (company, role, industry, business stage)

  • Information about your legal matter (subject matter, parties, timing, documents)

  • Payment information (processed through our payment providers — we do not store full card numbers on our systems)

  • Communications you send us (emails, messages, uploads, form responses)

  • Information about other individuals when you provide it (counterparties, employees, founders, inventors)

Information collected automatically

When you visit our Sites, we and our service providers may automatically collect:

  • IP address, device identifiers, browser and device type, operating system

  • Pages viewed, links clicked, referring and exit URLs, timestamps

  • General location inferred from IP address

  • Usage and interaction data from analytics tools

Information from third parties

We may receive information about you from:

  • Clients and their representatives in the course of providing Services

  • Public records, court filings, and government databases (including USPTO and state corporate registries)

  • Service providers and data sources we use for conflict checks, due diligence, and IP research

  • Co-counsel, referral partners, and other professionals

Categories of personal information (for California and other state-law purposes)

In the prior 12 months, we have collected the following categories of personal information as defined under California law: identifiers; customer records information (Cal. Civ. Code § 1798.80(e)); commercial information; internet or other electronic network activity information; geolocation data (approximate); professional or employment-related information; and inferences drawn from the foregoing. We have not collected biometric information, audio or visual information beyond ordinary correspondence, education records, or precise geolocation data.

4. Sensitive personal information

We do not generally seek to collect sensitive personal information (as defined under California and other state privacy laws) through our Sites. Some sensitive information may come to us in the course of providing legal services — for example, government identifiers in entity formation matters, or health information in matters involving medical device or biotech clients. We use this information only for the legal Services for which it was provided.

We do not use or disclose sensitive personal information for purposes beyond those permitted under applicable law without affirmative consent.

5. How we use your information

We use the information we collect to:

  • Provide legal Services — conflict checks, matter evaluation, drafting, research, filings, and representation

  • Operate our Sites and tools — authentication, troubleshooting, performance, security

  • Communicate with you — respond to inquiries, send service updates, invoices, and engagement materials

  • Marketing — send the Dispatch newsletter and other content to those who have opted in

  • Improve our Services — analyze usage, develop new features and offerings

  • Comply with legal and regulatory obligations — including the Pennsylvania Rules of Professional Conduct, USPTO rules, tax and recordkeeping laws, and lawful requests from authorities

  • Protect our rights and prevent misuse — investigate suspected fraud, security incidents, or violations of our terms

6. How we use AI and automated processing

We are an AI-native law firm. Artificial intelligence and automated systems are used throughout our practice and operations. This section explains what that means for your data.

Where we use AI

  • Intake and classification — routing inquiries to the appropriate service line

  • Document drafting — generating first drafts of contracts, memos, and filings for attorney review

  • Research and analysis — summarizing documents, analyzing prior art, reviewing diligence materials

  • Operations — internal workflows including docketing, scheduling, and administrative communications

How we protect your information when we use AI

  • We use AI providers under commercial agreements that prohibit training on our inputs and outputs and that provide for zero-retention or limited-retention processing of submitted data.

  • Our primary AI provider is Anthropic (Claude)

  • Attorney-client privileged information is handled under the same professional confidentiality obligations regardless of whether AI tools are involved. Our use of AI does not waive privilege or confidentiality.

  • A licensed attorney reviews legal work product before it is delivered or filed. We do not use AI to make final substantive legal decisions on your behalf.

Automated decision-making and profiling

We do not use solely automated decision-making to produce legal or similarly significant effects concerning you. AI-assisted classification or routing is reviewed by a person before producing any material effect on you.

If you have questions about how AI is used in your specific matter, ask your engagement attorney.

7. How we share your information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only as described below.

Service providers (subprocessors)

We share information with vendors that help us run our firm and deliver our Services. Categories include:

  • Cloud hosting and infrastructure

  • Productivity, collaboration, and document storage

  • Document generation and e-signature

  • AI and machine learning providers

  • Communications and messaging

  • Intake forms and CRM

  • Payments and trust accounting

  • Accounting, bookkeeping, and payroll

  • IP docketing and prosecution support

  • Analytics

A current list of subprocessors is available at . These providers are bound by contracts that limit their use of your information to the purposes for which we engage them.

Co-counsel, experts, and other professionals

In the course of representing clients, we may share information with co-counsel, foreign counsel, expert witnesses, accountants, and other professionals subject to confidentiality obligations.

Government, courts, and regulators

We may disclose information to courts, government agencies (including the USPTO and state corporate registries), and regulators as part of representation or to comply with law or legal process.

Business transfers

If we are involved in a merger, acquisition, restructuring, sale of assets, or similar transaction, your information may be transferred as part of that transaction, subject to applicable confidentiality and professional ethics obligations.

To protect rights and safety

We may disclose information when we believe it is reasonably necessary to investigate or respond to suspected fraud, security incidents, threats to safety, or to enforce our agreements and policies.

With your direction or consent

We share information at your direction (for example, when you ask us to send files to a counterparty or co-counsel) or with your consent.

8. Cookies, analytics, and tracking

Our Sites use cookies, pixels, log files, and similar technologies to operate the Site, remember preferences, secure the Site, and understand usage.

Categories of cookies we use

  • Strictly necessary — required for the Site to function

  • Analytics — measure traffic and usage; we use Google Analytics / Squarespace Analytics

  • Functional — remember settings and preferences

We do not currently use advertising cookies or share information with third parties for cross-context behavioral advertising.

Opt-out preference signals (Global Privacy Control)

We honor the Global Privacy Control (GPC) browser signal as an opt-out of "sale" and "sharing" for cross-context behavioral advertising under California, Colorado, Connecticut, and other applicable state laws.

Browser controls

You can disable cookies through your browser settings. Doing so may affect Site functionality.

Do Not Track

Our Sites do not currently respond to "Do Not Track" browser signals, which is a separate mechanism from GPC.

9. Data retention

We retain personal information for as long as necessary to provide our Services, comply with legal and ethical obligations, resolve disputes, and enforce agreements. Retention varies by data type:

  • Client matter files — retained in accordance with Pennsylvania ethics rules and our internal file-retention policy, generally for at least 10 years after the matter closes

  • Financial and tax records — retained for 4 years consistent with tax and accounting requirements

  • Website inquiry data (no engagement) — retained until you unsubscribe or request deletion

  • Marketing contact data — retained until you unsubscribe or request deletion

  • Website analytics — retained according to the default retention of our analytics provider

After retention periods expire, we delete or de-identify personal information.

10. Security

We use administrative, technical, and physical safeguards intended to protect your information, including encryption in transit, access controls, vendor diligence, and regular security review. We require our subprocessors to maintain reasonable security measures.

No system is perfectly secure. If you believe your information has been compromised through our Services, contact us at privacy@nerdlawyer.ai.

11. International data transfers

We are based in the United States. Information we collect is processed in the United States and may be processed by service providers in other jurisdictions. Where we transfer personal information out of the European Economic Area, the United Kingdom, or Switzerland, we rely on appropriate transfer mechanisms (including the EU Standard Contractual Clauses and UK International Data Transfer Addendum) where required by law.

You may request information about our transfer mechanisms by emailing privacy@nerdlawyer.ai.

12. Children's privacy

Our Services are not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe we have collected information from a child, contact us at privacy@nerdlawyer.ai and we will take appropriate steps to delete it.

13. Your privacy rights

Depending on where you live, you may have the following rights. Some apply to all residents; others apply only in specific jurisdictions.

Rights available to most users

  • Access — request a copy of the personal information we hold about you

  • Correction — request that we correct inaccurate information

  • Deletion — request that we delete personal information, subject to exceptions

  • Opt out of marketing — unsubscribe from marketing communications at any time

California residents (CCPA / CPRA)

In addition to the rights above, California residents have the right to:

  • Know what categories and specific pieces of personal information we collect, use, disclose, and (if applicable) sell or share — and the categories of sources and recipients

  • Limit our use and disclosure of sensitive personal information to what is necessary to provide our Services

  • Opt out of "sale" or "sharing" of personal information (we do not sell or share for cross-context behavioral advertising)

  • Not be subject to discriminatory treatment for exercising these rights

  • Designate an authorized agent to submit requests on your behalf

Colorado, Connecticut, Virginia, and other state residents

If you are a resident of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, Iowa, Delaware, New Hampshire, New Jersey, Tennessee, Maryland, Minnesota, Rhode Island, or another state with a comprehensive privacy law (as those laws take effect), you may have rights to:

  • Access, correct, and delete personal information

  • Receive a portable copy of your personal information

  • Opt out of targeted advertising, sale, and certain profiling (we do not currently engage in any of these)

  • Appeal a denied request (see Section 14)

EEA, UK, and Swiss residents

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have rights under the GDPR and equivalent laws, including rights to access, correct, delete, restrict or object to processing, and data portability. You may also lodge a complaint with your local supervisory authority.

Legal and ethical limits on your rights

Your rights are subject to legal and professional-ethics exceptions, including our duties to maintain client files under Pennsylvania ethics rules, comply with regulatory and tax obligations, and uphold attorney-client privilege and the work product doctrine. Where we cannot fully comply with a request because of these obligations, we will tell you so.

14. How to exercise your rights

Submitting a request

Email privacy@nerdlawyer.ai with your request. Include enough information for us to identify you and the request you are making.

Verification

We will take reasonable steps to verify your identity before responding, which may require additional information. If you are a client, we may verify your identity through information associated with your matter.

Authorized agents

You may designate an authorized agent to submit a request on your behalf. We may require written authorization signed by you and may verify the identity of both you and your agent.

Timing

We respond to verifiable requests within the timeframes required by applicable law (generally 45 days under California law, with a possible 45-day extension; state-law timeframes vary).

Appeals

If we deny your request in whole or in part, you may appeal by replying to our response or emailing privacy@nerdlawyer.ai with "Appeal" in the subject line. We will respond to your appeal within the timeframe required by applicable law. If you remain unsatisfied, you may contact your state attorney general.

15. Direct marketing

We may send periodic emails about our Services, the Dispatch newsletter, and related content. You can opt out of marketing communications at any time using the unsubscribe link in any marketing email or by emailing privacy@nerdlawyer.ai. We may still send you transactional or administrative messages related to your engagement or account.

16. Third-party websites and links

Our Sites may contain links to other websites, including those of co-sponsored events and third-party content providers. We are not responsible for the privacy practices of those sites. Review their privacy policies before submitting information.

17. Changes to this policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this policy indicates when it was last revised. If we make material changes, we will provide notice through our Sites or by email where appropriate.

18. Contact us

For questions about this policy or your personal information:

Nerd Lawyer Entrepreneur Services, LLC

901 Western Ave, Pittsburgh, PA 15233

privacy@nerdlawyer.ai