Data Processing Agreement

This Agreement governs the processing of Personal Data by Law Edges in connection with the provision of legal process support services, including intake management, medical record review and chronologies, pre-litigation case handling, and paralegal support.

• The Client is the Controller of Personal Data.
• Law Edges acts solely as a Processor, processing Personal Data on documented instructions of the Client.

Processing activities may include:

• Intake documentation handling
• Medical record review and summarization
• Case file organization
• Pre-litigation documentation preparation
• SSDI file processing support

Depending on engagement, data processed may include:

• Names, contact information, and identification details
• Medical records and treatment histories
• Accident and incident reports
• Insurance documentation
• Employment records (SSDI matters)
• Legal case files and related documentation

Law Edges ensures that all personnel:

• Are bound by confidentiality obligations
• Have access strictly on a need-to-know basis
• Receive internal guidance on secure data handling

Law Edges implements appropriate technical and organizational safeguards, including:

• Role-based access control
• Encrypted data transmission
• Secure cloud storage environments
• Restricted system access
• Device-level protections
• Internal access logs
• Controlled data retention policies

Law Edges may utilize third-party service providers (e.g., secure cloud hosting providers). Law Edges remains responsible for ensuring such providers maintain adequate confidentiality and security safeguards.

In the event of a confirmed data breach affecting Client data, Law Edges shall:

• Notify the Client without undue delay (not exceeding 72 hours where feasible)
• Provide relevant information regarding the nature and scope of the breach
• Cooperate in remediation efforts

Upon termination of services:

• Personal Data shall be returned or securely deleted, subject to legal retention obligations.