Haystone LegalHaystone Legal
Legal

Privacy Policy

Last updated: 2026

This Privacy Policy explains how Haystone Legal collects, uses and safeguards the information you provide when you contact us, book a consultation, or use our client portal.

Information we collect

We may collect personal information including your name, email address, phone number, postal address, and details of your legal enquiry or matter. If you use our client portal, we also store case-related documents, messages, and communications you choose to share. We automatically collect anonymous usage data such as pages visited, referral source, and browser type through cookies and analytics tools.

How we use your information

To respond to enquiries, provide legal services, schedule consultations, communicate with you about your matter, and improve our website. We rely on our legitimate interest in delivering legal services as the legal basis for processing. We do not sell, rent, or trade your personal data to third parties.

Cookies

Our website uses essential cookies for functionality and optional analytics cookies (Google Analytics) to understand site usage. You may disable non-essential cookies through your browser settings or our cookie consent tool. Essential cookies include session cookies for the client portal and CSRF protection tokens.

Data sharing & disclosure

We may share your information with: (a) barristers, consultants, or experts engaged on your matter; (b) courts or regulatory bodies where required by law; (c) service providers who process data on our behalf (e.g. cloud hosting, document management). All third parties are bound by data processing agreements consistent with this policy.

Data retention

We retain personal data for the duration of your matter plus six years to comply with professional indemnity and regulatory obligations. After that period it is securely deleted or anonymised. Portal usage logs are retained for 12 months.

Your rights

Under applicable data protection law you have the right to: access your data, correct inaccuracies, request deletion (subject to legal holds), restrict processing, data portability, and withdraw consent. Portal users may exercise these rights from the Profile & Security page or by contacting us directly.

International transfers

If you are based outside Pakistan, your data may be transferred to and processed in Pakistan where our servers are located. We take appropriate safeguards to protect your information in accordance with applicable law.

Security

We implement technical and organisational measures to protect your data, including SSL/TLS encryption, access controls, and regular security audits. Portal communications are encrypted in transit and at rest.

Contact

For any privacy question, data request, or complaint, contact us at privacy@haystonelegal.com or via the details on our Contact page. We aim to respond within 15 working days.

Chat on WhatsApp