Privacy Policy

Effective Date: December 11, 2025

Introduction

Tauler Smith LLP (“Tauler Smith,” “we,” “us,” or “our”), through its California Privacy Center project, is committed to protecting your privacy. This Privacy Policy informs you of our policies and procedures regarding the collection, use, disclosure, and safeguarding of personal information when you use the California Privacy Center website (the “Website”). It is intended to comply with applicable data protection and privacy laws, including the California Consumer Privacy Act (as amended, the “CCPA”) and the European Union/United Kingdom General Data Protection Regulation (“GDPR”). For purposes of this Privacy Policy, “personal information” (also referred to as “Personal Data”) means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked with a particular individual or household.

By using our Website, you acknowledge that you have read and accept this Privacy Policy. If you do not agree with any part of this Privacy Policy, please do not use the Website or provide us with any personal information. Please note: Use of our Website or contacting us through the Website does not create an attorney-client relationship between you and Tauler Smith (see No Attorney-Client Relationship below).

We may update this Privacy Policy from time to time. If we make significant changes, we may notify you by email or by posting a prominent notice on the Website. We encourage you to review this Policy periodically for any updates. Your continued use of the Website after any changes signifies your acceptance of the revised Privacy Policy.

Information We Collect

We collect personal information from you in a variety of ways, including information you provide directly and information collected automatically through technology.

Information You Provide: If you fill out a contact form, subscribe to newsletters, or otherwise communicate with us through the Website, you may provide personal information such as your name, email address, telephone number, postal address, or other details you voluntarily submit. For example, you may provide these details when inquiring about our legal services or asking to receive publications or updates. We will also collect any other personal data you choose to include in your communications with us. If you become a client of Tauler Smith, we may collect additional information as needed for legal services and client onboarding – for instance, financial information for billing, identification and background information for compliance with legal obligations (e.g. anti-money laundering laws), or other details relevant to your matter.
Information Collected Automatically (Cookies and Usage Data): When you visit our Website, certain information may be collected automatically through the use of cookies and similar tracking technologies. This information can include your IP address, browser type, device information, operating system, referring website, pages viewed, and the date and time of your visit. We may use cookies—small text files placed on your device—to help us recognize you on future visits, remember your preferences, and gather general statistics about how visitors use our Website. This helps us enhance the Website’s functionality and improve user experience. You can learn more about cookies at AllAboutCookies.org. For more details on cookies, see Cookies and Tracking Technologies below.

We do not knowingly collect sensitive personal information (such as social security numbers or financial account passwords) through the Website, unless you choose to provide such information. We also do not use or disclose sensitive personal information, as defined under California law, for purposes other than those permitted by law.

How We Use Your Information

We use personal information for the following business and professional purposes:

Providing Legal Services and Responding to Inquiries: If you contact us seeking legal advice or information about our services, we will use your information to communicate with you and evaluate how we can assist. If you become a client, we will use your personal information in the provision of legal services, which can include using details about your legal matter to advise or represent you. In the course of providing legal services, we may also need to use or share your information with third parties on your behalf, such as co-counsel, expert witnesses, consultants, or other professional advisers, but always subject to our professional obligations and as necessary to fulfill your requests.
Business Operations and Client Relationship Management: We may use personal information for our internal business operations and to manage our relationships. This includes processing payments and invoices, maintaining client records, administering mailing lists or event registrations, and managing relationships with vendors or service providers. For example, if you are a client, we may use your contact and financial information to send invoices and receive payments, or use your information to update our files and comply with administrative or legal requirements.
Communication and Marketing: We may use the contact information you provide to respond to your inquiries, send you newsletters or legal updates, or inform you of events, seminars or services that may interest you. We will only send you promotional or marketing emails in accordance with applicable law – for example, if you have subscribed to such communications or if you are an existing client and the communications relate to services we provide. You can opt out of marketing emails at any time as described in the Unsubscribe from Communications section below. We may also use your information to solicit feedback or to provide customer support when you request it.
Website Functionality and Improvements: We use information, including technical data and cookie data about how users interact with our Website, to maintain and improve the Website’s functionality, performance, and user experience. This helps us troubleshoot issues, analyze the effectiveness of our content, and make the Website more useful to visitors.
Security and Fraud Prevention: We may use personal information (including device and network activity data) to protect the security and integrity of our Website, our firm, and our users. This includes detecting, investigating, and preventing fraudulent transactions, spam, unauthorized access, malicious activities, or other illegal or harmful activities.
Legal Compliance and Enforcement: We may process personal information as required to comply with applicable laws, regulations, court orders, or legal processes, such as verifying identities in the context of client due diligence (e.g., “know your customer” requirements) or responding to lawful requests by government authorities. Additionally, we may use or preserve information as necessary to establish, exercise, or defend our legal rights or the rights of others, and to ensure we meet our professional and ethical obligations.

We will not use your personal information for purposes that are incompatible with the ones listed above without first providing you notice and, if required, obtaining your consent.

If you are located in the European Economic Area (EEA) or United Kingdom, we must have a legal basis to process your personal data under the GDPR/UK GDPR. We rely on the following legal bases: (a) Performance of a contract or pre-contractual steps – for example, when we use your data to provide legal services you requested or to respond to your inquiries; (b) Legitimate interests – we may process data as necessary for our legitimate business interests, such as improving our Website and services, maintaining relationships, and securing our operations, provided those interests are not overridden by your data protection rights. For instance, sending updates to existing clients about legal developments may be based on legitimate interests. (c) Legal obligation – when processing is necessary for us to comply with laws or regulations (for example, retaining records for tax or compliance purposes). (d) Consent – where we have obtained your consent, such as for sending certain marketing communications to new subscribers or using certain cookies (when required by law). You have the right to withdraw your consent at any time, as discussed in the GDPR rights section below, without affecting the lawfulness of processing based on consent before withdrawal.

Cookies and Tracking Technologies

Our Website may use cookies and similar tracking technologies to distinguish you from other users and to collect information about your online activities over time and across different websites. Cookies are small text files placed on your device that allow websites to recognize your device and store certain information (for example, your preferences). When you use our Website, we (and authorized third parties) may place cookies on your browser for the following purposes:

Essential Cookies: Some cookies are necessary for the Website to function properly, such as to enable you to navigate the site and use its features. These cookies do not collect personal data but may identify your session or provide security.
Analytics and Performance Cookies: We use these to collect information about how visitors use our Website, for instance which pages are visited most often and if users encounter error messages on certain pages. This data helps us improve the Website’s performance and your experience. We may use third-party analytics services (like Google Analytics) which set their own cookies to help us analyze site traffic and user interactions. The information collected may include your IP address, browser type, device information, and browsing actions on our site.
Functionality Cookies: These cookies allow the Website to remember choices you make (such as your language or region) and provide enhanced, more personalized features. They may also be used to provide services you requested, such as watching a video or commenting on a blog.

We do not use cookies for advertising or to share data across different websites for advertising purposes. In other words, we do not use cookies to facilitate cross-context behavioral advertising.

Most web browsers automatically accept cookies, but you can usually modify your browser settings to block or delete cookies if you prefer. Managing Cookies: If you do not want our Website to place cookies on your device, you can set your browser to refuse all or some cookies, or to alert you when cookies are being sent. You can also delete cookies that have already been set on your device. Please note that if you disable or reject cookies, some parts of the Website may become inaccessible or not function properly. For more information about cookies and how to manage or disable them, visit AllAboutCookies.org.

We adhere to the privacy practices described in this Policy and encourage you to manage your cookie preferences as described above.

We value your privacy and do not sell your personal information to third parties for monetary or other valuable consideration, and we do not share your personal information with third parties for cross-context behavioral advertising purposes. In other words, we have not sold (and do not “sell”) personal information about our Website visitors or clients, and we have not disclosed personal information to data brokers or for targeted advertising. If this ever changes in the future, we will update this Privacy Policy and provide required notices and opt-out mechanisms.

However, we may disclose or share your personal information with certain third parties in the following circumstances, consistent with the purposes described above and as permitted or required by law:

Within Tauler Smith LLP: We may share personal information internally among attorneys and staff at our firm who need to access it to fulfill the purposes described in this Policy, such as to provide you with legal services or respond to your requests. This includes sharing between the California Privacy Center project and the broader Tauler Smith organization, as applicable. All such sharing is on a need-to-know basis and subject to strict confidentiality obligations.
Service Providers: We may share your information with third-party service providers and vendors who perform services on our behalf. These service providers might include, for example, website hosting companies, IT support providers, email or newsletter distribution services, customer relationship management platforms, analytics providers, or other vendors that assist us in maintaining and operating the Website or our business. We only provide these service providers the information necessary for them to perform their functions, and we contractually require them to protect your information and use it only for the purposes of providing services to us.
Co-Counsel and Professional Advisors: If required for your legal matters, we may share information with co-counsels, opposing counsel (through formal legal processes), expert witnesses, consultants, or other professional advisors (such as accountants or other specialists) who are subject to duties of confidentiality. We do this to the extent needed to provide our legal services or advice that you have requested.
Legal Obligations and Protection of Rights: We may disclose personal information to courts, law enforcement, regulatory agencies, government authorities or other third parties when we believe disclosure is necessary or appropriate to comply with the law or legal process (such as a subpoena or court order). We also reserve the right to disclose personal information as needed to enforce our agreements, pursue or defend against legal claims, investigate or respond to suspected illegal activity, protect the security or integrity of our Website, or to protect the rights, property, or safety of our firm, our clients, our employees, or others.
Business Transfers: In the event that Tauler Smith LLP, or substantially all of its assets, undergoes a business transaction such as a merger, acquisition, reorganization, or asset sale, your personal information may be disclosed to the new owner or successor entity as part of that transaction. In such cases, we will ensure that any successor entity is bound to handle personal information in a manner that is consistent with this Privacy Policy or that we obtain your consent where required.
With Your Consent or At Your Direction: We may share your personal information with other third parties not covered by the above scenarios when you expressly consent to or request such sharing. For instance, if you ask us to introduce you to a third-party service or to send your information to another law firm, we will share your information as instructed by you.

Except as described above, Tauler Smith will not disclose your personal information to any unaffiliated third parties. We do not rent or trade your information. If we ever need to share your information in a materially different way, we will update this Policy and, if required, seek your permission.

Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include secure data storage, encryption, access controls, and other security protocols appropriate to the sensitivity of the information. However, please be aware that no method of transmitting or storing data is completely secure, and therefore we cannot guarantee absolute security of your information.

There are inherent risks in transmitting information over the internet, and in sending confidential or sensitive information via email or through the Website. By using our Website or communicating with us, you acknowledge and accept these risks. In particular, email or online communications may not be encrypted, and you should not send highly sensitive personal or confidential information through these means unless necessary. While we strive to protect your data, you agree that you will not hold Tauler Smith responsible for unauthorized access to your personal information or any breach of security that is beyond our reasonable control.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, and for as long as we are required to do so by law or ethical obligations. The exact duration we keep your data may vary depending on the nature of the information and the context in which it was provided. For example, if you become a client, we may retain your information for the duration of our attorney-client relationship and for a period afterward as required by our record-keeping policies and applicable law. We may also retain correspondence or inquiries for a period of time after responding, in case further follow-up is needed or to establish a record of our communications. When personal information is no longer needed for the purpose for which it was collected or as required by law, we will securely delete or anonymize it.

Your California Privacy Rights (CCPA)

If you are a California resident, California law (the CCPA, as amended by the California Privacy Rights Act) provides you with specific rights regarding your personal information. This section describes those rights and how you can exercise them. These rights apply only to California residents; if you are not a California resident, these specific rights do not apply to you.

Right to Know (Access): You have the right to request that we disclose the personal information we have collected about you in the 12-month period preceding your request. This includes the categories of personal information we collected, the categories of sources of that information, the business or commercial purposes for collecting it, and the categories of third parties with whom we share personal information. You also have the right to receive a copy of the specific pieces of personal information we have collected about you in a portable and, to the extent technically feasible, readily usable format (often referred to as the right of access or “data portability”).

Right to Delete: You have the right to request deletion of personal information that we have collected from you and retained, subject to certain exceptions. Once we receive and verify your request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. Please note that we may deny deletion requests if retaining the information is necessary for us or our service providers to, for example, complete a transaction you requested, comply with a legal obligation, exercise or defend legal claims, or for certain other purposes allowed by law.

Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you. If you demonstrate that information we hold is incorrect, we will take appropriate steps to rectify it, considering the nature of the information and the purposes for which it is processed.

Right to Opt-Out of Sale or Sharing: California residents have the right to opt out of the “sale” of their personal information or the “sharing” of personal information for cross-context behavioral advertising. However, as noted above, we do not sell or share your personal information as those terms are defined under California law. Because we do not engage in these practices, we do not offer a web form or link (“Do Not Sell or Share My Personal Information”) for submission of opt-out requests at this time. In the unlikely event that we ever plan to sell or share personal data, we will update our practices and provide a method for you to exercise this right.

Right to Non-Discrimination: You have the right to be free from discrimination or retaliation for exercising any of your CCPA rights. We will not deny you services, charge you a different price, or provide a different level or quality of services merely because you exercised your rights under the CCPA. If you have any concerns about any allegedly discriminatory behavior, please contact us using the information below.

How to Exercise Your California Rights: To exercise your rights described above, you (or your authorized representative) may submit a request to us by emailing us at privacy@californiaprivacycenter.com. Please include “CCPA Request” in the subject line of your email and provide sufficient information to verify your identity. This may include your full name, contact information, and details about your interactions with us (e.g., when or how you provided personal information). We will use the information you supply to verify your identity (or the identity and authority of your authorized agent) against our records before processing your request, as required by law. In some cases, we may need to request additional information from you to ensure a proper match to our records and to protect against fraudulent requests. Any additional information you provide for verification will be used only for that purpose.

If you authorize someone (an “authorized agent”) to make a request on your behalf, we may require that you provide the agent with written permission and verify your own identity directly with us, or that the agent provides proof of their authorization (for example, a notarized letter or a power of attorney). We will respond to verifiable requests as soon as practicable and in accordance with the timelines set by law. Typically, we will respond within 45 days of receiving your request, or notify you if we need more time (up to an additional 45 days). Our response will either provide the information requested or explain the reasons we cannot comply with the request, if applicable (such as if an exemption applies). We do not charge a fee to process or respond to your CCPA request unless it is excessive, repetitive, or manifestly unfounded, in which case we may charge a reasonable fee or refuse to act on the request as permitted by law.

If you are located in the European Union, European Economic Area, or the United Kingdom, you have certain rights concerning your personal data under the GDPR or UK data protection laws. These rights, subject to certain conditions and exceptions, include:

Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to request a copy of the personal data we hold about you, as well as supplementary information about how and why it is processed.
Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. We will promptly update our records and inform any third parties (to whom the data was disclosed) of the correction when required.
Right to Erasure: You have the right to request that we delete or remove your personal data when, for example, it is no longer needed for the purposes for which it was collected or if you withdraw consent (where applicable) and no other legal basis for processing applies. This “right to be forgotten” is not absolute – for instance, it does not apply if processing is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims.
Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances. For example, if you contest the accuracy of your data, you may request we restrict processing until its accuracy is verified; or you may request restriction if you object to our processing (pending verification of overriding grounds).
Right to Data Portability: Where processing is based on your consent or the performance of a contract and carried out by automated means, you have the right to request a copy of the personal data you provided to us in a structured, commonly used, and machine-readable format, and you may have the right to transmit that data to another controller where technically feasible.
Right to Object: You have the right to object to our processing of your personal data in certain situations. In particular, you can object to processing of your data for direct marketing at any time, and we will honor your request. If we are processing your data based on legitimate interests, you may object to that processing, and we will consider your objection and whether our legitimate grounds for processing override your rights and freedoms. If your objection is successful, we will stop or limit the processing of your information.
Right to Withdraw Consent: If we rely on your consent to process personal data, you have the right to withdraw that consent at any time. Your withdrawal will not affect the lawfulness of processing based on consent before its withdrawal. If you withdraw consent for a specific purpose (e.g., for marketing emails), we will stop processing your data for that purpose.
Right to Complain to a Supervisory Authority: You have the right to lodge a complaint with a data protection authority in the country where you live or work, or where you believe a breach of data protection laws has occurred. We would, however, appreciate the chance to address your concerns before you approach a regulator, so please consider contacting us first using the information in Contact Us below.

Exercising Your GDPR Rights: You may contact us at privacy@californiaprivacycenter.com (or via the postal address in the Contact Us section) to make any requests regarding your personal data rights under GDPR. We will respond to your request as required by applicable law, usually within one month. Please note that we may need to ask you for additional information to verify your identity before processing your request, consistent with our legal obligations and for your data security. If we cannot fulfill your request, we will provide an explanation subject to legal restrictions.

International Data Transfers: We are based in the United States, and any personal information we collect from EU/EEA/UK individuals will be transferred and processed in the United States. The U.S. may not have data protection laws equivalent to those in your home country. However, we will ensure that appropriate safeguards are in place for such transfers as required by GDPR. This may include using Standard Contractual Clauses approved by the European Commission, or other lawful transfer mechanisms, to protect your personal data when it is transferred to the U.S. or other countries outside the EEA/UK. By interacting with our Website or communicating with us, you understand that your personal information will be transferred to the U.S. and processed as described in this Policy.

No Attorney-Client Relationship

Your use of the Website or communication with us through the Website does not establish an attorney-client relationship between you and Tauler Smith LLP. The Website may provide general information about legal topics (such as privacy law developments), but it is not legal advice. Contacting us via email or submitting information through a contact form on the Website also does not create an attorney-client relationship. An attorney-client relationship is only formed after we have expressly agreed to represent you, typically through a written engagement agreement signed by you and by us.

Because no attorney-client relationship is created by your use of the Website, any information you submit to us through the Website may not be protected by attorney-client privilege. Please do not send confidential or sensitive information to us through the Website or by email unless you are an existing client or we have agreed to represent you. Any information you do send to us before we have formally established an attorney-client relationship may not be treated as privileged or confidential.

Third-Party Links

Our Website may contain links to websites or content operated by third parties (for example, social media pages, external resources, or partner websites). This Privacy Policy applies solely to our Website, and we are not responsible for the privacy practices, data handling, or content of any third-party websites. If you click on a link to a third-party site, any personal information you provide on that third-party site is governed by their privacy policy, not ours. We encourage you to review the privacy policies of any websites you visit via links from our Website so that you understand how those third parties collect and use your information.

Children's Privacy

Our Website is not directed to children under the age of 13 (and similarly is not intended for anyone under the age of 16 in jurisdictions where 16 is the age of consent for data processing, such as in the EU). We do not knowingly collect personal information from children under these ages. If you are under the applicable age threshold, please do not use the Website or send us any personal information. In the event we learn that we have inadvertently collected personal information from a child under 13 (or under 16, as applicable), we will take prompt steps to delete that information from our records. If you believe that a minor may have provided us with personal information without appropriate consent, please contact us at the email address listed below so that we can investigate and address the issue.

Unsubscribe from Communications

If you subscribe to receive marketing communications (such as newsletters, legal updates, or event invitations) from us, you consent to receive such communications by electronic means. You may opt out of receiving marketing emails or newsletters at any time. To unsubscribe, you can click the “unsubscribe” link provided in the footer of any marketing email you receive from us, which will remove you from the corresponding mailing list. Alternatively, you may request to be removed from future communications by contacting us at privacy@californiaprivacycenter.com with the subject line “Unsubscribe.” Please note that even if you opt out of marketing messages, we may still send you non-promotional communications, such as responses to your inquiries or information about a matter you are involved in, if you are a client.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, or if you wish to exercise your rights or update the information we have about you, please contact us using the details below:

Email: privacy@californiaprivacycenter.com

Phone: (310) 590-3927 *(during business hours)

Mail: Tauler Smith LLP
626 Wilshire Blvd., Suite 510
Los Angeles, CA 90017, USA

When you contact us, please provide your name and contact information and a detailed description of your request or question. We will address your inquiry as promptly as possible. If you are contacting us to exercise a privacy right, please see the relevant sections above for information we may need to verify your identity and process your request.

Changes to This Privacy Policy

We reserve the right to amend or update this Privacy Policy at any time. Any changes will become effective when we post the revised Privacy Policy on the Website. If we make material changes to how we collect or use personal information, we will take reasonable steps to notify you (for example, by posting a notice on our Website or, if we have your email on file, by sending you an email notification). The “Effective Date” at the top of this Policy indicates when the current version came into force. Your continued use of the Website after the Effective Date constitutes your acceptance of the updated Policy. We encourage you to review this page periodically to stay informed about our privacy practices.

Effective Date: This Privacy Policy is effective as of December 11, 2025, and supersedes any prior privacy policy posted on the Website.