LS Cloud Services & Datacenters Providers, the developer of the Law Surface program, is committed to protecting users’ privacy and respecting the confidentiality of data of all types. The company adheres to internationally recognized technical and organizational best practices in the field of information security and privacy protection. This Privacy Policy aims to clarify the nature of the data that may be collected or processed, how such data is used, the limits of liability, and the rights of users, in order to ensure full transparency and establish a clear relationship of trust between the user and the program.
This Privacy Policy applies to the Law Surface program and shall also apply when using any services, applications, or systems provided by LS Cloud Computing Services, whether used independently or as part of integrated solutions. Use of any such services constitutes implicit acceptance of and compliance with this Policy.
IMS Developers, a company registered in Dubai and the United States of America, is a strategic partner of LS Cloud Computing Services in providing certain technical and integration services. Some integration services or technical accounts related to the program may be registered or managed under the name of IMS Developers for regulatory or technical purposes only. This does not affect the data protection obligations or the level of privacy standards established under this Policy.
The Law Surface program does not collect any personal data randomly or on a mandatory basis. Personal data is collected only when the user requests assistance or support from the technical support or customer service team, or when the user voluntarily provides personal data of their own accord. In all cases, no personal data shall be used, accessed, or processed without the user’s explicit consent and solely for the purpose for which such data was provided.
Only non-personal data is collected, and this does not include user data, client data, or case or claim information entered into the system. Such data includes technical information such as Internet Protocol (IP) addresses, software license information, service activation dates, and the technical environment used, strictly for operational and organizational purposes.
Personal or non-personal data may be used to improve customer service, respond more efficiently to support requests, enhance the user experience, analyze system usage in an aggregated and non-identifiable manner, detect and fix technical errors, and develop the program and its services. Such data shall not be shared with third parties except to the extent necessary to provide the requested service and in accordance with this policy.
The Law Surface program applies the principle of data minimization, whereby no data is collected, processed, or stored except to the extent technically and operationally necessary to provide the service. No data is retained for unauthorized purposes or for purposes unrelated to the direct use or improvement of the program.
Each user’s or entity’s data is stored in a technically independent and fully segregated environment from other users’ data, at the level of databases, storage paths, and access permissions. This ensures the highest levels of isolation, privacy, and non-interference.
LS Cloud Services & Datacenters Providers does not monitor, review, or analyze the legal or professional content entered by users into the program. Any technical interaction with data is limited strictly to automated processing required for system operation.
The user bears full responsibility for all data, information, and content entered, uploaded, or shared through the Law Surface program or any associated services, including the legality, accuracy, validity, and legitimacy of such content. The company shall not be liable for any damages or consequences arising from the entry or sharing of content that violates applicable laws or regulations.
The user is fully responsible for configuring privacy settings and access levels within their account, including permissions granted to sub-users or employees. The company bears no responsibility for unauthorized access resulting from improper configuration of such settings.
If the user shares login credentials or allows more than one person to access the account, all activities performed through the account shall be attributed to the original user. The company shall not be liable for any misuse or data disclosure resulting from such practices.
When activating or using any third-party service through the Law Surface program, the user acknowledges that data sharing occurs based on the user’s explicit request and choice. The company does not have technical or legal control over third-party systems or their privacy policies and shall not be liable for how data is processed, stored, or protected after being transferred to such third parties. All resulting risks are borne solely by the user.
The user further acknowledges that any integration, linkage, or use of third-party services through the program is done at the user’s own responsibility. The company’s role is limited to providing a technical interface for integration without supervision, control, or guarantees. The user is solely responsible for evaluating the suitability of such services for their professional or legal use and for complying with their terms and policies.
When a translation service is requested, only the inputs necessary for translation are transferred once to the third-party service provider, without transferring any additional data related to case files. The Law Surface program does not guarantee the accuracy or legal suitability of translations, and the user bears full responsibility for reviewing and approving translated content before use.
When using chat services, entered messages are shared with the third-party service provider solely for service operation purposes, without transferring any files or additional information. The company bears no responsibility for the content of conversations or the privacy policies of the third party.
When using WhatsApp messaging services, only the content selected by the user is transferred to the WhatsApp platform operated by a third party. Messages are subject to the third party’s privacy policies, and the company bears no responsibility for message confidentiality once they leave the program’s systems.
When using AI services, user inputs such as case details may be stored or shared locally and with the third party “OpenAI” for processing purposes only, without names or identifying data. The user acknowledges that AI outputs are automated, non-binding, and do not constitute legal advice, and the user bears full responsibility for their use or reliance upon them.
Law Surface may allow users to connect their Google account in order to enable calendar synchronization features. Access to Google user data occurs only after the user provides explicit authorization through Google OAuth consent. The connection is initiated solely at the request of the user and may be revoked at any time.
When authorized, Law Surface may access limited Google Calendar data necessary to provide synchronization functionality. This may include calendar event titles, event dates and times, event descriptions, calendar identifiers, and the authenticated user’s email address. Law Surface does not access Gmail content, Google Drive files, Google Contacts, or any other Google services unless explicitly stated and separately authorized by the user.
Google user data is used exclusively for the purpose of synchronizing meetings and appointments between Law Surface and Google Calendar, creating, updating, or deleting calendar events based on user actions, and displaying relevant calendar information within the Law Surface system. Such data is not used for advertising, marketing, profiling, analytics unrelated to calendar functionality, resale, or any unrelated commercial purposes.
Law Surface does not sell, rent, or share Google user data with third parties. Google user data may be processed within secure cloud hosting environments strictly for the purpose of delivering the Law Surface service. Any infrastructure providers engaged for hosting or processing operate under confidentiality and security obligations and do not receive Google user data for independent use.
Google user data is transmitted using encrypted connections (HTTPS/TLS). Access tokens and related information are stored within protected server environments that implement role-based access controls, authentication safeguards, and industry-standard technical and organizational security measures designed to prevent unauthorized access, alteration, disclosure, or destruction of data.
Google user data is retained only for as long as necessary to provide calendar synchronization services. If a user disconnects their Google account from Law Surface, associated access tokens are deleted, synchronization access is revoked, and related Google data is removed from our systems where applicable. Users may revoke Law Surface’s access to their Google account at any time through their Google Account permissions page at https://myaccount.google.com/permissions . Users may also request permanent deletion of their data by contacting support@lawsurface.com .
Law Surface’s use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
Law Surface may allow users to connect their Zoom account in order to create, update, or delete Zoom meetings directly from within the platform. This integration is activated only at the user’s request and requires explicit authorization through Zoom’s secure authentication process. Law Surface accesses only the information necessary to create and manage meetings, such as meeting topic, date, time, duration, and generated meeting links.
Meeting links generated through the Zoom integration are created within the user’s own Zoom account and are displayed solely within the Law Surface system for the purpose of assisting the user in managing appointments and sessions. Law Surface does not distribute, publish, or share Zoom meeting links with third parties unless explicitly instructed by the user. The user remains solely responsible for sharing meeting links with participants and for managing access permissions within their Zoom account.
Law Surface does not control, host, or operate Zoom’s infrastructure. The availability, performance, functionality, or security of Zoom meetings is governed entirely by Zoom’s systems and policies. Law Surface shall not be responsible for meeting link failures, service interruptions, authentication errors, changes to Zoom’s platform, or any technical issues arising from Zoom’s services. Any disruptions, delays, or data loss resulting from Zoom’s platform, updates, outages, or third-party infrastructure remain outside the control and responsibility of Law Surface.
Any data transmitted between Law Surface and Zoom is processed using secure encrypted connections in accordance with industry-standard security practices. Users may revoke Zoom integration access at any time through their Zoom account settings or within the Law Surface system.
Law Surface may allow users to connect their Microsoft Teams account for the purpose of creating, modifying, or canceling meetings directly from within the platform. This integration is activated only upon the user’s request and requires explicit authorization through Microsoft’s secure authentication system (Microsoft Entra ID). Law Surface’s access is limited strictly to the data necessary to manage meetings, such as the meeting title, date, time, duration, and the generated meeting link.
Meeting links are created through the user’s own Microsoft account and are displayed داخل the Law Surface system solely to assist the user in managing appointments and sessions. Law Surface does not distribute, publish, or share Microsoft Teams meeting links with any third party except based on the user’s explicit instructions. The user remains fully responsible for sharing meeting links with participants and for managing access permissions through their Microsoft Teams account settings.
Law Surface does not control, host, or manage Microsoft’s or Microsoft Teams’ infrastructure. The availability, performance, functionality, and security of meetings are entirely subject to Microsoft’s systems and policies. Law Surface bears no responsibility for meeting link failures, service interruptions, authentication errors, changes to the Microsoft Teams platform, or any technical issues arising from Microsoft’s services. Any interruptions, delays, or data loss resulting from Microsoft updates, outages, infrastructure issues, or third-party services remain outside the control and responsibility of Law Surface.
Any data transmitted between Law Surface and Microsoft Teams is transferred via encrypted and secure connections in accordance with industry-standard information security practices. The user may revoke Microsoft Teams integration authorization at any time through their Microsoft account settings or from within the Law Surface system.
The company does not guarantee the timely or continuous delivery of notifications, alerts, or messages, whether through the program, email, calendar services, WhatsApp, or any external channel. The user remains responsible for manual follow-up and must not rely solely on automated notifications.
No employee or team member of the Law Surface program may view, browse, copy, or transfer user-entered data directly or indirectly without explicit authorization from the user’s designated executive authority and strictly within the specified purpose.
The company applies advanced security measures including software encryption, intrusion monitoring, paid protection systems, encrypted backup algorithms, firewalls, and automatic and manual file scanning. Each client is provided with a separate database and upload directory. Encrypted backups are maintained on trusted servers to ensure service continuity and data protection in emergency situations.
The company bears no responsibility for data loss resulting from user-initiated deletion, misuse, or explicit user instructions. Temporary backup copies may remain for technical purposes only and are deleted automatically according to backup schedules.
The service may be temporarily suspended for maintenance, updates, technical failures, or circumstances beyond control, including natural disasters, cyberattacks, or third-party service failures, without liability or compensation.
The user bears sole responsibility for ensuring that their use of the program complies with applicable laws and regulations within their jurisdiction or professional scope. The company bears no responsibility for legal violations arising from such use.
If an official request is received from a competent governmental or judicial authority, the company shall comply with the minimum legally required disclosure, following lawful procedures, and shall make reasonable efforts to notify the user where legally permitted.
The company does not sell, rent, or share users’ personal information. User feedback or comments may be shared in anonymized form for development or marketing purposes without revealing identities.
Any potential liability of the company, if any, shall be limited to the subscription fees paid by the user for the most recent subscription period and shall not include indirect, consequential, professional, or incidental damages.
The company reserves the right to update this policy at any time. In the event of material changes affecting data processing, user consent shall be obtained. The user is responsible for periodically reviewing this policy.
By using the Law Surface program, the user acknowledges full acceptance of this policy. If the user does not agree, they must cease using the program. Continued use after updates constitutes implicit acceptance. Data Minimization Principle The Law Surface program applies the principle of data minimization, whereby no data is collected, processed, or stored except to the extent technically and operationally necessary to provide the service. No additional data is retained for unauthorized purposes or for purposes not directly related to the use or improvement of the program.
Each user’s or entity’s data is stored in a technically independent and fully segregated environment from that of other users, including at the database, storage path, and access permission levels. Under no circumstances are client data merged, combined, or made accessible in a cross-client manner, ensuring the highest level of isolation and privacy.
LS Cloud Services & Datacenters Providers does not monitor, review, or analyze the legal or professional content entered by the user into the program, including cases, sessions, documents, memoranda, or any information related to work files. Any technical interaction with data is strictly limited to automated processing required for system operation.
The user acknowledges that LS Cloud Services & Datacenters Providers is not a legally entrusted or fiduciary entity with respect to the legal or professional content entered into the program and is not considered a custodian or trustee of professional secrets or the relationship between the user and their clients. The company’s role is limited to providing a technical infrastructure for data management without assuming any professional or legal obligation regarding such content.
The user acknowledges that the Law Surface program is a technical tool for data management and is not a party to any legal or professional relationship between the user and their clients or counterparts. The company bears no responsibility for the confidentiality of such professional relationships or for any legal obligations arising therefrom, which remain entirely the responsibility of the user.
The user bears full responsibility for configuring privacy settings, permissions, and access levels within their account, including permissions granted to employees or sub-users. The company shall not be liable for any unauthorized access resulting from improper configuration of such settings.
If the user shares login credentials or allows more than one person to use the account, all activities conducted through the account shall be attributed to the original user. LS Cloud Services & Datacenters Providers shall not be liable for any misuse or data disclosure resulting from such actions.
The company shall not be liable for any data loss resulting from user-initiated deletion, accidental deletion, misuse of the system, or explicit instructions from the user, even if such data cannot be recovered.
The service may be temporarily suspended in cases of maintenance, technical updates, emergency failures, or circumstances beyond reasonable control, including cyberattacks or failures in third-party infrastructure. No liability or compensation shall arise from such interruptions.
LS Cloud Services & Datacenters Providers shall not be liable for any delay or failure in providing the service resulting from events beyond reasonable control, including natural disasters, internet outages, large-scale cyberattacks, governmental decisions, or failures of third-party services.
The user bears sole responsibility for ensuring that their use of the Law Surface program complies with applicable laws and regulations in their country or professional scope, including data protection laws, privacy regulations, and professional confidentiality obligations. The company shall not be liable for any legal violations arising from such use.
If LS Cloud Services & Datacenters Providers receives an official request from a competent judicial or governmental authority to access specific data, the company shall comply only with the minimum disclosure required by law and in accordance with applicable legal procedures, without unnecessary expansion or disclosure, and shall make reasonable efforts to notify the user where legally permitted.
Upon the user’s request to delete data or terminate use of the program, such request shall be executed in accordance with approved technical procedures and may require a reasonable period of time. The company shall not be liable for the retention of temporary backup copies, which are deleted later as part of automated backup cycles.
The user acknowledges that certain data may remain in backup systems for a limited period solely for technical protection purposes and shall not be available for use or processing. Such data is automatically deleted in accordance with established backup schedules.
The Law Surface program is provided as a technical support tool for data management and workflow organization and does not replace the user’s professional or legal judgment. The company shall not be liable for any decisions, actions, or professional or legal outcomes taken by the user based on the program, its outputs, or any of its services.
The Law Surface program reserves the right to add, modify, or discontinue any future services or third-party integrations. The use of any new service shall be subject to the applicable privacy policy in effect at the time of use, and continued use shall constitute implicit acceptance thereof
The company reserves the right to apply security or technical updates without prior notice where deemed necessary to protect the system, data, or users, and such updates shall not be considered a breach of any contractual obligation.
In the event that this Privacy Policy is translated into other languages, the Arabic version shall prevail as the legally binding and authoritative version in the event of any conflict or discrepancy in interpretation.
LS Cloud Services & Datacenters Providers applies an Information Security Management System and Privacy Risk Management System in accordance with ISO/IEC 27001:2022 and ISO/IEC 31022:2020 to enhance data protection, risk management, business continuity, and governance.
This compliance includes implementing approved internal policies and procedures, identifying information assets, assessing risks, applying appropriate security controls, conducting periodic reviews, and continuously improving the system in line with international best practices.
LS Cloud Services & Datacenters Providers applies ISO/IEC 27001:2022 as a certified framework for managing information security, aimed at protecting confidentiality, integrity, and availability of information. This includes access control, identity management, data encryption, incident management, business continuity, system monitoring, and infrastructure protection.
The user acknowledges that ISO compliance does not guarantee absolute security but reflects the application of reasonable and professional controls to minimize risks.
The company applies ISO/IEC 31022:2020 to identify, assess, and mitigate privacy-related risks in a structured manner. This includes analyzing risk scenarios, assessing impacts, and applying preventive and mitigation measures, without assuming responsibility for risks arising from user decisions or third-party data sharing.
The user acknowledges and understands that LS Cloud Services & Datacenters Providers’ compliance with applicable ISO standards is limited to the systems and services that are directly managed and controlled by the company and does not extend to any third-party systems, platforms, or services with which the Law Surface program may integrate based on the user’s choice.
Such compliance does not constitute a legal guarantee or an absolute commitment that no security breach or privacy incident will occur. Rather, it represents a professional commitment to applying internationally recognized best practices for risk management and risk mitigation.
LS Cloud Services & Datacenters Providers’ adherence to ISO/IEC 27001:2022 and ISO/IEC 31022:2020 shall not be interpreted as an absolute legal undertaking to protect data against all possible risks, but as the application of a risk-based methodology aimed at reducing and managing risks in accordance with internationally accepted best practices.
The user is responsible for aligning their use of the Law Surface program with their internal policies related to information security, privacy, and professional confidentiality. The company shall not be liable for any incompatibility between the user’s use of the program and the user’s internal policies, contractual obligations, or regulatory commitments toward third parties.
The technical and organizational measures implemented by LS Cloud Services & Datacenters Providers, in compliance with ISO/IEC 27001:2022 and ISO/IEC 31022:2020, form part of the company’s obligations as a data processor, solely to the extent necessary to provide the service and in accordance with the user’s instructions, without transferring or implying any additional liability not expressly stated in this agreement.
The user may not rely on ISO certifications as a substitute for their own legal or regulatory obligations related to data protection or privacy, nor as a justification for violating local or professional regulations. Ultimate legal responsibility for the data entered and its use remains solely with the user.
Scope of the Agreement This Agreement forms an integral and inseparable part of the Privacy Policy of the Law Surface program and governs the relationship between the user and LS Cloud Services & Datacenters Providers with respect to data processing activities.
Roles of the Parties The user acts as the data controller, while LS Cloud Services & Datacenters Providers acts as the data processor solely to the extent necessary to provide the service and strictly in accordance with the user’s instructions.
Processing Instructions The company shall process data exclusively based on the user’s explicit instructions and within the scope of using the program, without any independent or additional use of such data.
Confidentiality The company commits to maintaining the confidentiality of the data and ensuring that any person authorized to access such data is subject to legal and contractual confidentiality obligations.
Security Measures The company implements appropriate technical and organizational measures to protect data against unauthorized access, loss, alteration, or disclosure, in accordance with recognized best practices.
Sub-Processors The user authorizes the company to engage sub-processors where necessary to provide the service, including infrastructure or technical service providers, provided that such sub-processors adhere to a level of data protection no less than that set out in this agreement.
Data Subject Rights The user is responsible for handling any requests related to data subject rights, including access, correction, or deletion. The company shall provide reasonable technical assistance to support the fulfillment of such requests.
Incident Notification In the event of a material security incident, the company shall notify the user within a reasonable timeframe after becoming aware of the incident and shall provide available information regarding the nature of the breach.
Termination of the Agreement and Data Deletion Upon termination of the use of the program, the company shall delete or destroy the data in accordance with approved technical procedures, subject to temporary backup retention that is automatically deleted thereafter.
Governing Language The Arabic version of this agreement shall prevail as the legally binding and authoritative version in the event of any conflict or discrepancy in interpretation.
Acceptance By using the Law Surface program, the user acknowledges and agrees to be fully and legally bound by this agreement.
If any provision of this policy is deemed invalid, unenforceable, or void by a court ruling or applicable law, such determination shall not affect the validity, enforceability, or continued effect of the remaining provisions, which shall remain in full force and effect.