Privacy Policy

Last Updated: January 22, 2026

S.J. Laliberte ("we," "us") is committed to a "Privacy by Design" approach. We are a law practice based in Montreal, Quebec, operating with clients globally, including in California.

This policy describes how we manage data in compliance with Quebec’s Law 25 (Act Respecting the Protection of Personal Information in the Private Sector) and the California Consumer Privacy Act (CCPA/CPRA).

We believe legal documents should be readable. Below is a breakdown of what we collect, why we collect it, and the sub-processors we trust to handle it.

  • We take accountability seriously. Under Quebec Law 25, the person with the highest authority is responsible for the protection of personal information.

    • Privacy Officer: Renaud Laliberte

    • Title: Founder and Lawyer

    • Email: privacy@sjlaliberte.com

    • Address: 731 R. de la Commune O Office 100 - B, Montréal, QC H3C 1X7

    If you have a concern about how your data is handled, or if you suspect a breach, please contact the Privacy Officer immediately.

  • We practice Data Minimization. We only collect what is strictly necessary to provide legal counsel and operate this website.

    • Identity Data: Name, job title, and company name.

      • Source: Provided by you via Contact Forms or Calendly.

      • Purpose: To verify conflicts of interest (KYC) and address you correctly.

    • Contact Data: Email address and phone number.

      • Source: Provided by you.

      • Purpose: To schedule calls and deliver legal advice.

    • Technical Data: IP address, browser type, and device info.

      • Source: Collected automatically via Cookies (Squarespace Analytics and Google Analytics).

      • Purpose: To ensure website security, improvement and functionality.

    • Payment Data: Billing address and payment details.

      • Source: Collected via our invoicing platform (if you become a client).

      • Purpose: To process retainer payments. We do not store credit card numbers on our servers.

  • To operate a modern, secure legal practice, we use best-in-class cloud infrastructure. We have entered into Data Processing Agreements (DPAs) with the following sub-processors to ensure they protect your data to our standards.

    • Microsoft 365 (Canada/US):

      • Function: Email hosting (Outlook), Calendar, and Secure Document Storage (OneDrive/SharePoint).

      • Compliance: Enterprise-grade encryption (TLS/AES).

    • Squarespace (US):

      • Function: Website hosting and form submission processing.

    • Calendly (US):

      • Function: Meeting scheduling automation.

    • Mailchimp (US):

      • Function: CRM for non-marketing database.

      • Function: CRM for digital files delivery, Newsletter management and other Marketing communications (only if you opt-in).

    • Clio (Canada):

      • Function: Practice management software, service delivery and payment processor;

    • Stripe (US)

      • Function: Payment processor in the US.

    Note on Cross-Border Transfers (Quebec Law 25): Some of our service providers (Microsoft, Calendly, Squarespace) store data on servers located in the United States. By using our services, you acknowledge that your information may be processed outside of Quebec, where privacy laws may differ. We have conducted a Privacy Impact Assessment (PIA) to ensure these providers meet adequate security standards.

  • Whether you are in Montreal or San Francisco, we extend the highest standard of rights to you.

    • Right to Access: You may ask for a copy of all data we hold about you.

    • Right to Rectification: You may ask us to correct inaccurate information.

    • Right to Erasure ("Right to be Forgotten"): You may ask us to delete your data, subject to our professional obligation to retain client files for conflict checking (typically 7 years).

    • Right to Withdraw Consent: You may unsubscribe from marketing emails at any time.

    • Do Not Sell My Info: We never sell your personal information to data brokers or third parties.

    To exercise any of these rights, email privacy@sjlaliberte.com.

  • We use functional cookies to make the website work.

    • Essential Cookies: Required for the site to load and prevent attacks (CSRF).

    • Analytics Cookies: We use Squarespace Analytics to see which blog posts and web pages are popular. These are aggregated and anonymized.

    • Marketing Cookies: We do not use Facebook Pixels or intrusive cross-site trackers.

    You can disable cookies in your browser settings, though some parts of the site may not function perfectly.

  • Security: We enforce Multi-Factor Authentication (MFA) on all suppliers accounts and access to the internal database.

    Retention:

    • Inquiries: Retained for 2 years if you do not become client.

    • Client Files: Retained for 7 years as required by the Barreau du Québec and insurance requirements.

  • Privacy laws evolve. We may update this policy to reflect changes in Law 25, CPRA, or our tech stack.

    • Last Material Change: January 22, 2026