Last updated: December 1, 2025

Bridge Law LLP (“Company“, “we“, “our“, or “us“) respect your privacy and are committed to protecting it through our compliance with this policy. This policy describes how we collect, process, retain, and disclose personal data about you when providing services to you through our websites, and services that link to this policy (our “Services“) and our practices for using, maintaining, protecting, and disclosing that information.

This policy applies only to information we collect:

  • Through the Services.
  • In communications, including email, text, chat, and other electronic messages, between you and the Services.
  • When you interact with our advertising and applications (including mobile apps) on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

  • Us through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries) that does not link to this policy; or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or through the Services.

We may provide additional or different privacy policies that are specific to certain features, services, or activities.

Please read this policy carefully to understand our policies and practices regarding your information and how we treat it. By interacting with our Services or providing us with your information, you agree to the collection, use, and sharing of your information as described in this privacy policy. This policy may change from time to time (see How We Retain Your Personal Data). Your continued use of the Services after we make changes as described here is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children’s and Minors’ Data

Our Services are not intended for, and we do not knowingly collect any personal data from, children under the age of 18. If we learn we have collected or received personal data from a child under 18 years old without verification of parental consent, we will delete that information.

The Personal Data That We Collect or Process

Personal data” is information that identifies, relates to, or describes, directly or indirectly, you as an individual, such as your name, email address, telephone number, home address, or payment information (for example, account information such as name, postal address, and email address, credit card number, or social security numberor any other identifier we may use to contact you online or offline).

The types and categories of personal data we collect or process include:

  • Account and contact information, including name, address, email address, phone number, username, and other contact information you provide us.
  • Payment information, including credit card or debit card information and information about the payment methods and services (such as PayPal or Venmo) you use in connection with the Services.
  • Account history, including information about your subscription, account, transactions, purchases, order history, or discounts.
  • Demographic information, including your age, gender, income level, education, or family or marital status, if you have consented to such information collection.
  • Location information, including general geographic location such as country, state or province, or city.
  • Device information, including your IP address, device identifiers, and other device information.
  • Content and information you elect to provide as part of your profile or in any reviews you make through the Services or emails, chats, or other communications sent to us.
  • Images, voice recordings, and videos collected or stored in connection with the Services, if you have consented to such information collection.
  • Identity document information, such as Social Security and driver’s license numbers, if you have consented to such information collection.
  • Biometric information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data, if you have consented to such information collection.

Some of the information identified above, including identification document information, and biometric information may be considered sensitive data under certain laws. If required under applicable law, we will collect and process sensitive personal data only with your consent. If you choose not to provide or allow us to collect some information, we may not be able to provide you with requested features, services, or information.

We also collect:

  • Statistics or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific Services feature.
  • Technical information. Technical information includes information about your internet connection and usage details about your interactions with the Services, such as clickstream information to, through, and from our Services (including date and time), products that you view or search for; page response times, download errors, length of your visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods used to browse away from a page.

If we combine or connect non-personal statistical or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal information.

How We Collect Your Personal and Other Data

You Provide Information to Us

We collect information about you when you interact with our Services, such as when you subscribe, or create, upload, or post content to the Services, including reviews, media such as photos, videos, or audio recordings.

Automatically Through Our Services

As you navigate through and interact with our Services, we may use automatic data collection technologies to collect information that may include personal data. Information collected automatically

may include usage details, IP addresses, operating system, and browser type, and information collected through cookies, web beacons, and other tracking technologies including details of your interactions with our Services, such as traffic data, location data, logs, and other communication data, and which resources and Services features that you access and use.

We may use these automatic collection technologies to collect information about your online activities over time and across third-party sites or other online services (behavioral tracking).

Using automatic collection technologies helps us to improve our Services and to deliver a better and more personalized experience.

The technologies we use for this automatic data collection may include:

  • Cookies. A cookie is a small file placed on your device when you interact with the Services. You may refuse to accept or disable cookies by activating the appropriate setting on your browser or device. However, if you select this setting, you may be unable to access certain features of the Services.
  • Web Beacons. Some parts of the Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those parts or opened an email and for other related statistics (for example, recording the popularity of certain content and verifying system and server integrity).

To the extent any of these automated technologies are considered a personal data sale, targeted advertising, or profiling, under applicable laws, depending on where you live, you may opt out from use of these automated technologies for such uses by email to [email protected]. Please note that some Services features may be unavailable as a result.

When you interact with the Services, there are third parties that may use automatic collection technologies to collect information about your or your device. These third parties include:

  • Advertisers, ad networks, and ad servers.
  • Analytics companies.
  • Your device manufacturer.
  • Your internet or mobile service provider.

These third parties may use tracking technologies to collect information about you when you use the Services. The information they collect may be associated with your personal data or they may collect information, including personal data, about your online activities over time and across different websites, apps, platforms, and other online services. They may use this information to provide you with interest- based (behavioral) advertising or other targeted content.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

From Business Partners and Service Providers

We may receive personal data about you from other sources and combine that with information we collect directly from you. For example, we may obtain information about you from service providers that we engage to perform services on our behalf, such as email platform providers, content delivery services, payment processors, promotions services, and analytics, security and anti-fraud services. We also may receive personal data from business partners that we engage to share consumer information with us, including your personal preferences and demographic information such as age, gender, and income

level so that we can better provide you with a personalized experience, including personalized content and services.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal data, to:

  • Provide you with the Services and any contents, features, information, products, or services that we make available through the Services.
  • Fulfill and manage subscriptions, and payments.
  • Fulfill any other purpose for which you provide it.
  • Promote our Services, business, and offerings by publishing advertising on our own Services and by placing ads on third parties’ services. We may use your information to model, segment, target, offer, market, and advertise our Services.
  • Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • Notify you when Services updates are available and about changes to any products or services we offer or provide though them.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.

The usage information we collect, whether connected to your personal data or not, helps us improve our Services and deliver a better and more personalized experience by enabling us to:

  • Estimate our audience sizes and usage patterns.
  • Store information about your preferences, allowing us to customize the Services according to your individual needs and interests.
  • Speed up your searches.
  • Recognize you when you return to our Services.

Who We Disclose Your Information To

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may also disclose personal data that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our organization and who are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Bridge Law LLP’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by Bridge Law LLP is among the assets transferred.
  • To third parties to market their products or services to you if you have consented to these

disclosures. We contractually require these third parties to keep personal data confidential and use it only for the purposes for which we disclose it to them. For more information, see Your Rights and Choices About Your Information.

  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal data:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our {Invalid hyperlink URL} or {Invalid hyperlink URL} and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of our organization, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Your Rights and Choices About Your Information

This section describes mechanisms you can use to control certain uses and disclosures of your information and rights you may have under state law, depending on where you live.

Advertising, marketing, cookies, and other tracking technologies choices:
  • Cookies and Other Tracking Technologies. You can set your browser to refuse all or some browser cookies or other tracking technology files, or to alert you when these files are being sent. You can choose whether or not to allow the Services to collect information through other tracking technologies by email to [email protected]. If you disable or refuse cookies or similar tracking files, some Services features may be inaccessible or not function properly. Some browsers include a “Do Not Track” (DNT) setting that can send a signal to the online services you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our Services may not respond to all browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described in this policy.
  • Promotions by the Company. If you do not wish us to use your information to promote our own or third parties’ products or services, you can opt out by email to [email protected]..
  • Targeted Advertising by the Company. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target audience preferences, you can opt out by email to [email protected].
  • Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal data with unaffiliated or non-agent third parties for advertising and marketing purposes, you can opt out by email to [email protected].. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. To learn more about opting out of receiving targeted ads from members of the Network Advertising Initiative (“NAI“), including how to add the NAI Global Privacy Control (GPC) extension to your Chrome web browser, see NAI: How to Opt Out.
Location data choices:
  • Location Data. You can choose whether or not to allow the Services to collect and use real-time information about your device’s location email to [email protected]. If you block the use of location information, some Services features may become inaccessible or not function properly.

Your State Privacy Rights

Depending on your state of residency, you may have certain rights related to your personal data, including:

  • Access and Data Portability. You may confirm whether we process your personal data and access a copy of the personal data we process. To the extent feasible and required by state law, depending on your state, data will be provided in a portable format. Depending on your state, you may have the right to receive additional information and it will be included in the response to your access request.
  • Correction. You may request that we correct inaccuracies in your personal data that we maintain, taking into account the information’s nature and processing purpose.
  • Deletion. You may request that we delete personal data about you that we maintain, subject to certain exception under applicable law.
  • Opt Out of Using Personal Data for Targeted Advertising, Profiling, and Sales. You may request that we do not use your personal data for these purposes.

Important: The exact scope of these rights vary by state. There are also several exceptions where we may not have an obligation to fulfill your request.

To exercise any of these rights, please {REQUEST SUBMISSION METHOD}. To appeal a decision regarding a consumer rights request {REQUEST SUBMISSION METHOD}.

Some browsers and browser extensions support the Global Privacy Control (“GPC“) that can send a signal to process your request to opt out from certain types of data processing, including data “sales” as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.

Nevada provides its residents with a limited right to opt out of certain personal data sales.

Residents who wish to exercise their sale opt-out rights may submit a request to this designated address: [email protected]. However, please know we do not currently sell data triggering that statute’s opt-out requirements.

California Privacy Rights (CCPA/CPRA)

This section applies to California residents and supplements the information contained in this Privacy Policy. The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”), provides California residents with specific rights regarding their personal information.

Categories of Personal Information We Collect

In the preceding 12 months, we have collected the following categories of personal information from California residents:

  1. Identifiers: Real name, postal address, email address, account name, social security number, driver’s license number, IP address, or other similar identifiers.
  • Personal information under Cal. Civ. Code § 1798.80(e): Name, signature, address, telephone number, credit card number, debit card number, or other financial information.
  • Protected classification characteristics: Age, gender, marital status, or other demographic information.
  • Commercial information: Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Biometric information: Fingerprints, faceprints, voiceprints, iris or retina scans, keystroke patterns, gait patterns, or other biometric data (collected only with your consent).
  • Internet or network activity: Btrsing history, search history, and information regarding your interaction with our Services or advertisements.
  • Geolocation data: Physical location or movements.
  • Audio, electronic, visual, or similar information: Images, audio recordings, video recordings collected through the Services.
  • Inferences: Inferences drawn from any of the information identified above to create a profile reflecting your preferences, characteristics, behavior, or attitudes.
  • Sensitive Personal Information: Social security number, driver’s license number, account credentials, payment card information, precise geolocation, contents of communications, biometric information, health data, and information concerning sex life or sexual orientation (collected only with your consent where required).

California Consumer Rights

California residents have the following rights under the CCPA:

Right to Know: You have the right to request that we disclose to you: (1) the categories and specific pieces of personal information we have collected about you; (2) the categories of sources from which your personal information is collected; (3) the business or commercial purpose for collecting, selling, or sharing your personal information; (4) the categories of third parties to whom we disclose your personal information; and (5) the categories of personal information we have sold or shared and the categories of third parties to whom we sold or shared personal information.

Right to Delete: You have the right to request deletion of your personal information that we have collected from you, subject to certain exceptions under the CCPA.

Right to Correct: You have the right to request correction of inaccurate personal information that we maintain about you.

Right to Opt Out of Sales and Sharing: You have the right to opt out of the sale or sharing of your personal information. We may sell or share personal information as described in this policy. To opt out of sales or sharing, please contact us at [email protected] or click “Do Not Sell or Share My Personal Information” if available on our Services.

Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of your sensitive personal information to uses necessary to perform the Services or provide the goods requested by you, or as otherwise permitted by the CCPA. To exercise this right, please contact us at [email protected].

Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights. We will not discriminate against you for exercising any of your CCPA rights, including by denying you goods or services, charging you different prices or rates, providing you a

different level or quality of goods or services, or suggesting that you may receive a different price or rate or a different level or quality of goods or services.

Authorized Agents: You may designate an authorized agent to make requests on your behalf. You must provide the authorized agent written permission to submit requests on your behalf, and we may require that you verify your identity directly with us and directly confirm with us that you provided the authorized agent permission to submit the request. Authorized agents can submit requests to [email protected].

Exercising Your California Rights: To exercise your rights under the CCPA, please submit a verifiable consumer request to us by emailing [email protected]. We will respond to your request within 45 days, unless we notify you that we require additional time (up to 90 days total). We will verify your identity before processing your request, which may require us to request additional information from you.

European Union General Data Protection Regulation (GDPR) Rights

This section applies to individuals located in the European Economic Area (EEA), the United Kingdom, and Switzerland (collectively, “Europe”). Under the General Data Protection Regulation (GDPR), we are required to provide additional information about our data processing activities and your rights.

We process your personal data based on the following legal grounds:

Contractual Necessity: We process your personal data to perform our contract with you, including providing the Services, processing payments, and fulfilling orders (GDPR Article 6(1)(b)).

Legitimate Interests: We process your personal data for our legitimate interests or the legitimate interests of third parties, including operating and improving our Services, fraud prevention, security, direct marketing, and analytics, provided that such interests are not overridden by your rights and interests (GDPR Article 6(1)(f)).

Consent: We process your personal data based on your consent where you have provided it, including for sensitive personal data, biometric information, marketing communications, and cookies. You have the right to withdraw your consent at any time by contacting us at [email protected] (GDPR Article 6(1)(a) and Article 9(2)(a)).

Legal Obligations: We process your personal data to comply with legal obligations to which we are subject, including tax and accounting requirements, and responding to lawful requests from authorities (GDPR Article 6(1)(c)).

Your Rights Under GDPR

If you are located in Europe, you have the following rights under the GDPR:

Right of Access: You have the right to obtain confirmation as to whether we process your personal data and, if so, to request access to and receive a copy of your personal data (GDPR Article 15).

Right to Rectification: You have the right to request that we correct inaccurate personal data concerning you and to complete incomplete personal data (GDPR Article 16).

Right to Erasure (“Right to be Forgotten”): You have the right to request erasure of your personal data in certain circumstances, including where the data is no longer necessary for the purposes for which it was collected, where you withdraw consent, where you object to processing, or where the data has been unlawfully processed (GDPR Article 17).

Right to Restriction of Processing: You have the right to request restriction of processing of your personal data in certain circumstances, including where you contest the accuracy of the data, where processing is unlawful, where we no longer need the data but you need it for legal claims, or pending verification of an objection to processing (GDPR Article 18).

Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible, when processing is based on consent or contract and carried out by automated means (GDPR Article 20).

Right to Object: You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes (including profiling). If you object to processing for direct marketing purposes, we will no longer process your personal data for such purposes (GDPR Article 21).

Right Not to be Subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless such processing is necessary for contract performance, authorized by law, or based on your explicit consent (GDPR Article 22).

Right to Withdraw Consent: Where we rely on your consent as the legal basis for processing, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal (GDPR Article 7(3)).

Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you believe that the processing of your personal data violates the GDPR (GDPR Article 77).

Exercising Your GDPR Rights: To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month, unless the request is complex or we receive multiple requests, in which case we may extend this period by two additional months and will inform you of the extension. We may request additional information to verify your identity before processing your request.

International Data Transfers

Your personal data may be transferred to, stored, and processed in countries outside of Europe, including the United States, which may have data protection laws that differ from those in your country. When we transfer personal data outside of Europe, we implement appropriate safeguards to protect your personal data, including:

Standard Contractual Clauses: We use European Commission-approved Standard Contractual Clauses (SCCs) for transfers to third countries (GDPR Article 46(2)(c)).

Adequacy Decisions: We transfer data to countries that the European Commission has determined provide an adequate level of data protection (GDPR Article 45).

Other Appropriate Safeguards: We may use other appropriate safeguards recognized under GDPR Article 46, including binding corporate rules, approved codes of conduct, or approved certification mechanisms.

For more information about the safeguards we use for international transfers of your personal data, please contact us at [email protected].

Data Retention Periods

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods depend on the type of data and purposes of processing, including:

Account Information: Retained for the duration of your account plus a reasonable period thereafter for legal and audit purposes, typically up to 7 years after account closure.

Transaction Records: Retained for legal, tax, and accounting purposes as required by applicable law, typically 7-10 years.

Marketing Data: Retained until you opt out of marketing communications or as required for legitimate business purposes, typically up to 3 years from last interaction.

Technical and Usage Data: Retained for operational purposes, security, and analytics, typically 12-24 months unless longer retention is necessary for security or fraud prevention.

Supervisory Authority Contact Information

If you are located in Europe and have concerns about our processing of your personal data that we have not adequately addressed, you have the right to lodge a complaint with the data protection supervisory authority in your country. Contact information for EU supervisory authorities can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

How We Protect Your Personal Data

We use commercially reasonable administrative, physical, and technical measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, email, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk.

The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access.

How We Retain Your Personal Data

We keep the categories of personal data described in this policy for as long as reasonably necessary to fulfill the purposes described or for as otherwise legally permitted or required, such as maintaining the Services, operating our organization, complying with our legal obligations, resolving disputes, and for safety, security, and fraud prevention. This means that we consider our legal and business obligations, potential risks of harm, and nature of the information when deciding how long to retain personal data. At the end of the retention period, personal data will be deleted, destroyed, or deidentified.

Changes to Our Privacy Policy

We may update this policy from time to time, and we will provide notice of any such changes to the policy as required by law. The date the privacy policy was last updated is identified at the top of the page. We will notify you of changes to this policy by updating the “last updated” date and posting the updated policy on the Services. We may email or otherwise communicate reminders about this policy, but you should check our Services periodically to see the current policy and any changes we have made to it.

Contact Information

To exercise your rights or ask questions or comment about this privacy policy or our privacy practices, contact us at: [email protected]