Privacy Policy — LegalHub Registry
LH
LegalHub Registry
Official Policy Register  •  IT Altruists
Master Policy Register

Privacy Policy

How LegalHub and affiliated projects collect, use, protect, and respect personal data.

POL-001 ACTIVE v1.3 Updated 2025-10-21 Registry Policy
This Policy applies to all services, platforms, portals, and tools operated under the LegalHub and AltruHub ecosystem where this Policy is referenced as the governing privacy notice.

This Privacy Policy explains how we handle personal data within the LegalHub Registry and the wider AltruHub ecosystem. It is designed to be transparent, human-readable, and enforceable. Where local laws require stronger protections, those protections apply in addition to this Policy.

LegalHub Registry is an integrity-focused governance and compliance hub operated under the stewardship of IT Altruists and aligned contributors. We act as a controller for personal data processed directly by LegalHub, and as a trusted steward when we host or verify governance records for participating projects.

We deliberately design systems to avoid collecting unnecessary or invasive data. We do not sell personal data. We do not operate third-party advertising profiles. We do not buy external datasets to re-identify individuals. Any integration that would weaken this position is rejected by design.

Depending on how you interact with LegalHub, we may process: (a) Account data such as name, email address, authentication identifiers, and role or affiliation; (b) Operational logs such as access timestamps, IP address, and technical metadata required for security, fraud prevention, and auditability; (c) Registry records such as signatures, approvals, or comments made in an official capacity; (d) Support correspondence and inquiries you choose to send us. We process only what is necessary for security, accountability, and lawful operation.

We rely on recognized legal bases, which may include: (a) Consent, where you have clearly agreed to a specific use; (b) Contract, where processing is necessary to provide or administer a service you requested; (c) Legitimate interests, such as securing our systems or preventing abuse, balanced carefully against your rights; (d) Legal obligation, where we must retain or disclose data under applicable law; and (e) Public interest or official authority, where we operate registry functions.

We use personal data only to: (a) operate and secure LegalHub services; (b) verify and track official registry actions; (c) respond to lawful support or compliance requests; (d) improve the reliability, accessibility, and integrity of our systems. We do not use your data to make automated decisions that produce legal or similarly significant effects without meaningful human review.

Core cookies are limited to security, session continuity, and essential preferences. Optional analytics or performance telemetry, where deployed, is configured to avoid building marketing profiles or cross-site tracking. You can manage non-essential cookies through your browser or any consent tools presented.

Some projects connected to LegalHub may rely on third-party services such as managed hosting, secure identity providers (including options like Google or Microsoft sign-in), or operational tooling. Those providers maintain their own privacy terms. Where they are used on a LegalHub-governed property, we aim to minimize data shared, require contractual safeguards, and document their role within related policies or integration notices.

Where affiliated projects run on platforms such as WordPress or similar systems, certain technical data may be collected directly by that platform as part of its normal operation (for example, comment metadata or security logs). In such cases, both this Policy and the platform’s own published privacy notice apply. We do not extend those systems’ tracking beyond what is technically necessary.

We retain personal data only for as long as necessary to fulfil the purposes described in this Policy, comply with legal obligations, or maintain verifiable registry records. Operational security logs are typically retained for 30–180 days unless a longer period is required for investigations, legal obligations, or system integrity.

Subject to applicable law, you may have rights to access, correct, restrict, port, or erase your personal data, and to object to certain processing. To exercise these rights for data controlled by LegalHub, contact us at privacy@legalhub.registry. For integrated third-party services or partner projects, we will help route your request to the responsible controller where appropriate.

Where data is transferred across borders, we use appropriate safeguards such as adequacy decisions, standard contractual clauses, or equivalent mechanisms recognized by relevant regulators. We aim to keep processing anchored in jurisdictions with robust privacy and rule-of-law protections.

We apply layered safeguards, including encryption in transit, hardened infrastructure, strict access controls, change logging, peer-reviewed code, and tested backup and recovery procedures. No technical system is perfect; if we become aware of a breach that affects your data, we will investigate and, where required, notify you and regulators.

We may update this Policy to reflect legal, technical, or operational developments. When materially changed, the new version will be published through LegalHub with an updated version number and effective date, and logged in the registry’s update feed for traceability.

For questions about this Policy or how we handle personal data, contact privacy@legalhub.registry. For high-sensitivity or regulator-to-regulator correspondence, use the dedicated LegalHub Registry channels documented on the official site.