Matter data stays on your Device by default.

§ 1Who we are

VFL Toolkit is published by Burroughs Law Office, P.C., a Virginia professional corporation. In this Privacy Policy, "we," "us," and "our" refer to Burroughs Law Office, P.C. "You" and "your" refer to the attorney subscriber using VFL Toolkit and, where applicable, that attorney's authorized employees, contractors, paralegals, or staff acting under the attorney's supervision and authority.

1.1 Professional-use tool

VFL Toolkit is a professional productivity tool intended for use in connection with Virginia family-law practice. It is not offered as a consumer legal service, pro se legal aid product, or public-facing client portal except to the limited extent you choose to use attorney-controlled intake features for your own clients. If you use the App on behalf of a law firm or other organization, you represent that you have authority to do so.

1.2 Not directed to children

VFL Toolkit is not directed to or intended for use by children. We do not knowingly collect personal information directly from children under 13 through the App or our websites.

§ 2Definitions

For purposes of this Privacy Policy:

"App"

means the VFL Toolkit application for iPhone, iPad, and Mac.

"Device"

means the Apple device on which you install or use the App.

"Matter data"

means information you create, import, store, or manage in the App in connection with legal matters, including client and party information, financial information, court information, notes, documents, calculations, deadlines, and similar case-related content.

"On-device"

means data stored locally on your Device rather than in a cloud environment operated by us.

"iCloud sync"

means optional synchronization of App data through Apple iCloud/CloudKit services associated with your Apple account.

"Integration"

means an optional connection between the App and a third-party service, such as ShareFile.

"Credentials"

means usernames, passwords, tokens, secrets, keys, or similar authentication data used to enable an Integration.

"Personal information"

means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular person, to the extent applicable law uses that concept.

§ 3Scope of this policy

This Privacy Policy applies to personal information that we collect, receive, maintain, use, or disclose in connection with:

• your use of the App; and
• our marketing, informational, and support websites, including vfltoolkit.com and burroughs.law.

This Privacy Policy also describes, for transparency purposes, how the App is designed to handle matter data that remains on your Device or is transmitted by you to third-party services you authorize.

This Privacy Policy does not govern:

• third-party services or platforms that you connect or use, including Apple, iCloud, the App Store, ShareFile, Apple Calendar, email providers, file-hosting services, or any other third-party tools;
• your own collection, storage, use, disclosure, or safeguarding of your clients' information;
• information or files after you export, download, transmit, print, email, upload, or otherwise move them outside the App, except to the extent we separately receive or control that information.

§ 4What data we handle — and where

VFL Toolkit is designed so that most matter data remains on your Device unless you affirmatively use a feature that transmits data elsewhere. The categories below describe the principal types of information the App processes and, where applicable, whether that information remains local, is sent to a third party you authorize, or is received by us.

4.1 Matter data — local by default

Matter data is intended to be stored locally on your Device by default. We do not provide a developer-hosted cloud database for your matter data. Matter data generally remains on your Device unless you choose to export it, sync it through Apple services you enable, transmit it through an Integration, submit it through an attorney-configured endpoint, or otherwise move it outside the App.

4.2 iCloud sync — optional

If you enable iCloud sync, App data may be synchronized through Apple iCloud/CloudKit services associated with your Apple account. We do not use our own cloud backend to provide that sync functionality. Apple's handling of synchronized data is governed by Apple's terms and privacy disclosures. Disabling sync stops future synchronization, but copies already present on synced devices or in your iCloud environment may persist until removed through Apple's systems or from those devices.

4.3 Device permissions

The App may request access to device features or permissions only when needed to provide functionality you invoke, such as camera access for scanning or calendar access for deadline/event creation. Information captured through those permissions is intended to remain on your Device unless you direct otherwise through export, sync, or a third-party Integration. You may revoke permissions through your device settings.

4.4 Integration credentials

If you authorize an Integration, the App is designed to store relevant Credentials locally using Apple security services such as Keychain where available. Those Credentials are used to authenticate you with the third-party service and to enable the authorized data exchange. We do not use Credentials you provide for unrelated purposes.

4.5 ShareFile integration

If you enable the ShareFile integration, information and documents you choose to send may be transmitted from your Device to your ShareFile environment or other ShareFile-controlled endpoints as necessary to operate the integration. We do not operate ShareFile, control its infrastructure, or control its retention, security, or downstream handling of data.

4.6 On-device AI features (Apple Intelligence)

The App may offer optional features that use Apple's on-device Foundation Models framework (sometimes branded as Apple Intelligence) — for example, ranking suggested reference cards or drafting merge-field clauses from a one-line description. These features are off by default and require explicit opt-in. When enabled, the relevant inference runs entirely on your Device using Apple's on-device model. Matter data, client-content fields, prompts, and model outputs are not transmitted to us, to Apple's servers, or to any third party in order to operate these features. Outputs are generated ephemerally and are not persisted by us. You may disable these features at any time in the App's settings; doing so does not affect the rest of the App.

4.7 Calendar integration

If you grant calendar access, the App may create events or reminders in calendar systems available on your Device. We do not operate those calendar services, and calendar data may be handled by Apple or any calendar provider configured on your Device.

4.8 Encrypted client intake

The App may permit you to generate or use encrypted intake workflows. Where offered, those workflows are intended to allow client information to be encrypted and returned to you or transmitted to an endpoint that you configure or control. You are responsible for any hosted endpoint, URL, storage location, or public-key distribution mechanism that you configure. We do not undertake responsibility for third-party or attorney-controlled hosting environments.

4.9 Generated documents and redaction features

The App may apply automated formatting or redaction rules to generated documents. Those features are aids only and are not a substitute for attorney review. You remain responsible for reviewing all output before use, filing, transmission, or disclosure.

4.10 Subscription and purchase information

Subscriptions are offered and billed through Apple's App Store. We may receive limited subscription-status, entitlement, and transaction metadata necessary to validate access to paid features, administer trials, prevent abuse, maintain records, and provide support. We do not receive or store your full payment-card information or Apple ID password.

4.11 Technical diagnostics and telemetry

We may receive limited technical diagnostics, crash information, error logs, or usage metrics relating to App performance, stability, feature adoption, or subscription status. We do not intentionally use telemetry to collect matter data or client-content fields, although no logging or telemetry system can be guaranteed to exclude all user-supplied information in every circumstance.

4.12 Websites, contact forms, and mailing lists

Our websites may collect standard website information such as page visits, referrers, approximate region, browser type, device type, and similar analytics information through our hosting or website providers. If you submit a contact form, join a mailing list, request support, or otherwise contact us, we collect the information you provide.

§ 5How we use the data we receive

We use the limited information we collect or receive for the following business and operational purposes:

• to provide, authenticate, maintain, and improve the App and related services;
• to validate subscriptions, trials, and feature entitlements;
• to diagnose crashes, errors, performance issues, and security incidents;
• to respond to support requests, feedback, and other communications;
• to send product, service, legal, administrative, or transactional notices;
• to protect the App, our business, users, and others against fraud, abuse, misuse, security threats, or unauthorized activity;
• to enforce our Terms of Use and other applicable agreements;
• to comply with legal obligations, lawful requests, court orders, tax requirements, recordkeeping obligations, and regulatory requirements.

We do not sell personal information. We do not use matter data or client matter content to train generalized machine-learning models for public or cross-customer use. We do not disclose personal information for cross-context behavioral advertising.

§ 6Third parties and service providers

Depending on how you use the App, personal information or matter data may be disclosed to, received by, or processed through the following categories of third parties:

• Apple and Apple-related services, including the App Store, subscription management, device security services, iCloud/CloudKit, calendar frameworks, and platform analytics or diagnostics, if enabled or applicable;
• Integration providers you choose to connect, such as ShareFile;
• Website, hosting, and communications providers, including providers that host our websites, process contact-form submissions, route email, or maintain mailing lists;
• Service providers acting on our behalf for support, infrastructure, security, diagnostics, or operational administration;
• Legal, compliance, tax, audit, and professional advisors where reasonably necessary;
• Governmental authorities, courts, counterparties, or other third parties when required to comply with law, legal process, or to protect rights, safety, property, or the integrity of the App.

We do not sell personal information to data brokers. We do not disclose personal information for cross-context behavioral advertising.

§ 7Retention and deletion

7.1 Matter data on your Device

Matter data stored locally in the App remains under your control on your Device unless and until you delete it, export it, sync it, or transmit it elsewhere. If the App includes a local delete or wipe function, that function is intended to remove the relevant locally stored App data from that Device, but it may not remove copies previously exported, synced, backed up, cached, or stored by third-party systems.

7.2 iCloud or third-party copies

If you enable iCloud sync or use an Integration, copies of data may persist in Apple's systems or the relevant third-party provider's systems in accordance with that provider's retention practices and your configuration of those services.

7.3 Account, subscription, and business records

We retain subscription, transaction, support, and business records for as long as reasonably necessary for the purposes described in this Privacy Policy, including to comply with legal, tax, accounting, audit, dispute-resolution, and enforcement obligations. Retention periods may vary by record type.

7.4 Support correspondence

If you contact us, we may retain your communications and related records for support, training, product-improvement, legal, and recordkeeping purposes.

7.5 Legal holds and exceptions

Notwithstanding anything else in this Privacy Policy, we may retain information for longer where necessary to comply with law, resolve disputes, investigate incidents, enforce agreements, or establish, exercise, or defend legal claims.

§ 8Security

We use administrative, technical, and organizational measures designed to protect the limited information we control against unauthorized access, disclosure, alteration, or destruction. The App is also designed to rely on security features provided by Apple's operating systems and device-security framework where available.

Depending on your Device, operating system, settings, and the features you use, protective measures may include local device encryption, secure credential storage, encrypted network transport, optional biometric or passcode-based access controls, and encrypted intake or transmission workflows.

No security measure is perfect, and we do not guarantee that unauthorized access, disclosure, loss, or alteration will never occur. You remain responsible for the security of your Devices, passcodes, Apple account, third-party-service credentials, exported files, hosted endpoints you configure, and your firm's own privacy and information-security practices.

§ 9Payments and subscriptions

Subscriptions to VFL Toolkit are offered and billed through Apple's App Store. Apple controls billing workflows, payment processing, and related payment credentials. We receive only the limited subscription and transaction information reasonably necessary to administer access to the App, maintain records, respond to support issues, and comply with legal obligations.

Deleting data from the App or deleting the App from your Device does not automatically cancel your subscription. Subscription cancellation and billing management must be handled through Apple.

§ 10Your rights and choices

10.1 In-App controls

Because most matter data is intended to remain on your Device, the most direct means of controlling that data is through the App and your own devices, accounts, and third-party services. Depending on available functionality, you may be able to view, edit, export, delete, sync, disconnect integrations, revoke permissions, or wipe locally stored App data.

10.2 Rights relating to information we control

To the extent applicable law grants you rights with respect to personal information that we control, and subject to any applicable exemptions or verification requirements, you may request access to, correction of, deletion of, or information about that personal information by contacting us using the information in § 14. We may need to verify your identity, authority, and the scope of your request before acting on it.

10.3 Marketing communications

If you subscribe to marketing or launch communications from us, you may opt out using the unsubscribe mechanism in the message or by contacting us.

10.4 App Store disclosures

Any App Store privacy label or similar platform disclosure is intended as a summary. In the event of a conflict, this Privacy Policy governs except to the extent a platform requires different phrasing or categorization.

§ 11International users

VFL Toolkit is intended for use in connection with Virginia legal practice in the United States. If you access or use the App or our websites from outside the United States, you understand that information we collect or control may be processed in the United States or other jurisdictions where our service providers operate. You are responsible for determining whether your use of the App is permitted in your jurisdiction and for complying with any local legal requirements applicable to you.

§ 12Children's privacy

The App is not intended for direct use by children, and we do not knowingly collect personal information directly from children under 13 through the App or our websites. If you believe we have received personal information directly from a child under 13 in a manner inconsistent with this Privacy Policy, contact us using the information in § 14 and we will take appropriate steps to review and address the issue.

For the avoidance of doubt, matter data entered by an attorney user may include information about minors involved in the attorney's legal matters. That information is entered and controlled by the attorney user, not by a child user of the App.

§ 13Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date and, where appropriate, the version number. If we make material changes to how we collect, use, or disclose personal information that we control, we may provide additional notice through the App, by email, on our website, or by other reasonable means.

Your continued use of the App after the effective date of an updated Privacy Policy is subject to the revised Privacy Policy.

§ 14Contact

Questions about this Privacy Policy, support inquiries, or requests relating to personal information we control may be directed to: