top of page
  • Bluesky_logo_(black).svg
  • Linkedin

Privacy Policy

​

Effective Date: March 14, 2025

 

CrossFiles (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, store, and share your information when you access and use our services. By using CrossFiles, you consent to the data practices described in this policy.

​

 

1. Information We Collect

When you create an account and use CrossFiles, we collect the following information:

  • Personal Information: First and last name, email address, phone number (for two-factor authentication), law firm name, firm address, and profile picture.

  • Account Security Information: Passwords (stored in encrypted form) and Two-Factor Authentication (2FA) status.

  • Case-Related Data: Information you enter regarding cases, messages, and shared files.

  • Payment Information: If you subscribe to our services, payments are securely processed through Stripe ([INSERT STRIPE TERMS LINK]).

  • Uploaded Files: Files shared through CrossFiles are managed via ONLYOFFICE for secure storage and collaboration.

  • Cookies and Session Tokens: We use strictly necessary cookies for authentication, account management, and secure redirection to ONLYOFFICE. These cookies are required to maintain session security and do not track user activity beyond what is necessary for system functionality.
     

 

2. Data Storage & Security

We take security seriously and implement the following measures to protect your data:

  • Encryption: All stored and transmitted data is encrypted.

  • Access Controls: Only authorized users can access data within their cases.

  • 2FA Authentication: CrossFiles requires Two-Factor Authentication (2FA) using your mobile phone to enhance account security.

  • Limited Data Access: Only users assigned to a case can access relevant information.

  • Regular Security Audits: We conduct internal reviews to maintain compliance with U.S. data privacy laws.
     

 

3. Data Sharing & Third Parties

We do not sell, rent, or share your personal data with third parties except:

  • Payment Processing: We use Stripe for billing and subscription management ([INSERT STRIPE TERMS LINK]).

  • Document Management: We integrate ONLYOFFICE for file handling and security.

  • Legal Compliance: We may disclose data if required by law or legal process.

We do not use third-party analytics, marketing trackers, or advertising cookies.

​

 

4. User Rights & Account Management

Account & Data Control

  • You may update your account details (e.g., name, email, law firm information) directly within your profile settings.

  • To delete your account, you must send an email to admin@crossfileslegal.com. Once your request is processed, your data will be immediately and permanently deleted.

​

Data Retention

  • If you request account deletion, all associated personal data is immediately removed. But case file information remains for 2 years from when a case is closed. 

  • Deleted data cannot be recovered once erased from our systems.

​

 

5. Compliance with U.S. Laws

CrossFiles operates exclusively within the United States and complies with all applicable U.S. federal and state privacy laws, including:

  • California Consumer Privacy Act (CCPA) – Users in California have rights regarding access, deletion, and control of their personal information.

  • State-Specific Legal Ethics Regulations – Lawyers using CrossFiles must comply with confidentiality obligations based on their state’s bar association rules.

  • Electronic Communications Privacy Act (ECPA) – CrossFiles ensures that user data is handled in compliance with U.S. federal regulations on digital communications.
     

 

6. Children's Privacy

CrossFiles does not impose age restrictions; however, the platform is designed exclusively for legal professionals. It is not intended for children or general consumers.
 

 

7. Cookies & Session Tracking

We use strictly necessary cookies for:

  • User Authentication – Keeping users logged in securely.

  • Session Management – Enabling smooth redirection to ONLYOFFICE for document handling.

  • Security Tokens – Protecting against unauthorized access.

These cookies do not track user behavior for marketing or analytics purposes and cannot be disabled without impacting platform functionality.
 

 

8. Breach Notification Policy

In the event of a data breach, CrossFiles will:

  • Immediately investigate the scope of the breach.

  • Notify affected users via our internal notification panel and in accordance with appropriate state and/or federal laws and regulations. 

  • Individually contact users whose data may have been impacted.

  • Work with authorities as required by U.S. state and federal laws.
     

 

9. Governing Law

This Privacy Policy is governed by the laws of all U.S. states. Users must ensure compliance with state-specific legal requirements and Civil, Criminal, Court, and Local Rules when using CrossFiles.

​

 

10. Contact Information

For any privacy-related inquiries, please contact us at support@crossfileslegal.com.

 

By using CrossFiles, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

bottom of page