Privacy Policy

Last Updated: January 12, 2026

Introduction

Compass Law Group ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our legal services.

We understand that when you engage legal counsel, you entrust us with sensitive and confidential information. We take this responsibility seriously and have implemented robust measures to protect your data in accordance with applicable laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Utah Consumer Privacy Act (UCPA).

Information We Collect

Personal Information You Provide

We collect information that you voluntarily provide to us when you:

  • Complete our contact or consultation request forms
  • Subscribe to our newsletter or legal updates
  • Engage our legal services
  • Communicate with us via email, phone, or other channels
  • Attend our events or webinars

This information may include:

  • Contact Information: Name, email address, phone number, mailing address
  • Professional Information: Employer, job title, business address
  • Case-Related Information: Details about your legal matter, relevant documents, and communications
  • Financial Information: Billing address, payment method details (processed securely through third-party payment processors)

Information Collected Automatically

When you visit our website, we automatically collect certain information, including:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, click patterns, referring URLs
  • Location Data: General geographic location based on IP address
  • Cookies and Tracking Technologies: Information collected through cookies, pixels, and similar technologies (see our Cookie Policy)

How We Use Your Information

We use the information we collect for the following purposes:

Legal Services

  • Providing legal advice and representation
  • Managing attorney-client relationships
  • Conducting conflict checks
  • Processing payments and maintaining billing records
  • Communicating about your case or legal matters

Business Operations

  • Responding to inquiries and consultation requests
  • Improving our website and services
  • Analyzing website traffic and user behavior
  • Ensuring website security and preventing fraud
  • Complying with legal obligations and professional responsibilities

Communications

  • Sending legal updates and newsletters (with your consent)
  • Providing information about our services
  • Notifying you of changes to our policies or practices

Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide legal services you have requested
  • Legal Obligation: Processing required to comply with professional and legal requirements
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our services and marketing (balanced against your rights)
  • Consent: Processing based on your explicit consent, which you may withdraw at any time

How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Third-party vendors who assist with website hosting, payment processing, email delivery, and analytics (bound by confidentiality agreements)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Professional Obligations: As necessary to fulfill our professional responsibilities as attorneys
  • With Your Consent: When you have given explicit permission to share information with specific parties
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with continued protection of your data)

Data Protection Measures

We implement comprehensive security measures to protect your personal information:

  • Encryption: SSL/TLS encryption for data in transit; encryption at rest for sensitive data
  • Access Controls: Role-based access restrictions limiting data access to authorized personnel
  • Secure Infrastructure: Enterprise-grade hosting with regular security audits and monitoring
  • Employee Training: Regular privacy and security training for all staff members
  • Incident Response: Established procedures for detecting, reporting, and responding to data breaches
  • Data Minimization: Collection of only information necessary for stated purposes

Your Privacy Rights

Rights Under GDPR (EEA/UK Residents)

If you are located in the European Economic Area or United Kingdom, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements)
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time for consent-based processing

Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:

  • Right to Know: Request information about the categories and specific pieces of personal information we have collected
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information (we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising your privacy rights
  • Right to Limit Use: Limit the use and disclosure of sensitive personal information

Rights Under UCPA (Utah Residents)

Utah residents have rights including access, deletion, data portability, and the right to opt out of targeted advertising and sales of personal data.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Factors we consider include:

  • The duration of our attorney-client relationship
  • Legal and professional obligations requiring record retention
  • Statute of limitations periods for potential legal claims
  • Business needs and legitimate interests

Client files and related records are typically retained for a minimum of seven (7) years after the conclusion of representation, in accordance with professional responsibility requirements.

Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete such information.

International Data Transfers

Your information may be transferred to and processed in the United States, where our servers are located. If you are located outside the United States, please be aware that data protection laws may differ from those in your jurisdiction. By using our website or services, you consent to the transfer of your information to the United States. For EEA/UK residents, we implement appropriate safeguards such as Standard Contractual Clauses to protect your data during international transfers.

Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. When we make material changes, we will notify you by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this policy regularly.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our data practices, please contact us:

Compass Law Group

Privacy Inquiries

6975 South Union Park Ave, Suite 600

Cottonwood Heights, UT 84047

Email: support@compasslawgrp.com

Phone: (888) 828-0590

We will respond to your request within the timeframe required by applicable law (typically 30-45 days).