Privacy Statement

Last Updated: February 26, 2025

Vining Legal PLLC (“VL” or “we,”) is a small, Texas-based law firm focused on advising clients on legal AI implementation as well as traditional legal services. We value your trust and are committed to handling your personal information responsibly and in accordance with our ethical obligations.

This Privacy Statement describes how VL collects, uses, protects, and shares personal information. It applies to information we process when you interact with us in-person or online (including our website, email communications, and virtual events), engage our legal services, or otherwise communicate with us.

If you don’t agree with any part of this Privacy Statement, please don’t use our website or services and don’t provide any personal data to us.

________________________________________

Information We Collect

We collect only the information reasonably necessary to fulfill the purposes described in this Privacy Statement. The categories of personal information we may collect include:

  • Contact Details: Such as name, email address, mailing address, and phone number.

  • Client Matter Information: Documents, communications, context, and other data you provide so that we may deliver legal services, including information relevant to AI-based legal technology projects.

  • Billing and Payment Information: Information needed to invoice our services or collect payment.

  • Technical and Usage Data: Basic analytics about your interactions with our website or online platforms (e.g., IP address, browser type), collected in a limited manner to help maintain and improve our online services.

We don’t collect information beyond what’s required for the services we provide or as permitted by law. If we’re required by law or contract to collect your personal data and you choose not to provide it, we may not be able to provide the services you requested or otherwise perform under our contract with you.

________________________________________

How We Use Your Information

We use the personal information we collect for the following purposes:

  • Service Delivery:

    • To provide traditional or AI-related legal services.

    • To communicate with you about your matters, respond to inquiries, and fulfill contractual obligations.

  • Business Operations:

    • To manage our internal administration, accounting, and billing processes.

    • To market and advertise our services, consistent with our professional obligations and applicable law.

    • To maintain and improve our website, internal systems, and overall client experience.

  • Legal and Ethical Obligations:

    • To comply with laws and professional responsibilities.

    • To protect our rights and interests (e.g., to enforce agreements, or in response to legitimate legal requests).

________________________________________

Data Retention

We retain personal information as needed to:

  • Provide the services you request and manage your matters.

  • Meet professional and ethical obligations.

  • Comply with legal requirements.

  • Protect our legal rights and interests.

We strive to keep retention periods straightforward. In general, we maintain records for the duration of a client relationship and for a reasonable period afterward, in line with legal, regulatory, or ethical requirements. If you have questions about specific retention periods, you may contact us for further details.

________________________________________

Security Measures

We take reasonable steps to protect personal information, consistent with the scale of our firm and our professional obligations under Texas law. These measures include:

  • Secure Technology Providers: We use reputable, enterprise-grade cloud service and law practice management providers with robust security controls.

  • Access Controls: We limit access to personal information only to those who need it for legitimate business or legal purposes.

  • Data Minimization: We share or store only the information necessary to accomplish the task at hand.

  • Vendor Oversight: We perform due diligence on third-party providers to ensure they have appropriate security measures in place.

For more details, please see our Information Security Policy, available upon request.

________________________________________

Data Sharing and Subprocessors

We share personal information only for the limited purposes below:

  • Service Delivery: To provide legal services, we may share data with third-party service providers (e.g., cloud hosting or law practice management platforms) or AI tools as described in “LLM Data Handling” below.

  • Legal or Regulatory Requirements: We may disclose information to courts, law enforcement, or regulators if legally required or to protect our rights or the rights of our clients.

  • Business Operations: We may engage carefully selected subprocessors to support administrative or operational functions, such as IT services.

We may also disclose personal information to our affiliates (other entities owned, controlled, or under common ownership with VL) for administrative or regulatory compliance purposes, IT management, or for them to provide services to you or support and supplement the legal services VL provides.

A current list of VL’s subprocessors—including a description of their services and security commitments—is available in our Subprocessor disclosure, which we provide upon request and update as needed.

We do not sell personal information to third parties or share data for large-scale marketing purposes.

________________________________________

LLM Data Handling

If you are a client, at your request VL may use certain LLM tools (e.g., CoCounsel, Lexis+ AI) in an effort to enhance efficiency and reduce costs in traditional legal tasks—always under attorney supervision. As outlined in our LLM Policy, we will not input client confidential information into any LLM for this purpose unless the client has explicitly requested or consented to LLM use.

We use various LLM tools for practice support (e.g., templates), product research, and internal administrative purposes (e.g., word processing), but we will not input client confidential information into them for these purposes except as incidentally required for our service providers to deliver essential services to us.

We apply safeguards designed to ensure client information is handled responsibly, does not train public AI models, and is used solely for the specific task at hand. For more details, clients should review our LLM Policy or speak with a VL attorney.

________________________________________

Your Rights and Choices

Depending on the nature of your relationship with VL and applicable law, you may have certain rights regarding your personal information, such as the right to:

  • Access, Correction, and Deletion: Request to see, correct, or delete the information we hold about you.

  • Manage Consent: Decide whether to allow LLM-related or other processing or sharing of your data.

Please note that some rights may be subject to limitations, such as legal privilege or ethical obligations. If you wish to exercise any of these rights or have questions about how we handle your information, you may contact us as described below.

________________________________________

Updates to This Privacy Statement

VL may update this Privacy Statement from time to time to reflect changes in our practices, legal requirements, or professional obligations. We will post any material updates on our website and, where appropriate, notify active clients directly.

________________________________________

Contact Us

If you have questions about this Privacy Statement, our privacy practices, or wish to exercise any rights concerning your personal information, please contact:

Vining Legal PLLC

Attn: Privacy Inquiries

4245 N Central Expressway, Suite 490

Dallas, TX 75205

Email: privacy@vininglegal.com