Privacy Policy for VFL Toolkit
Effective Date: February 1 2026
Last Updated: February 1, 2026
1. Introduction and Scope
This Privacy Policy ("Policy") describes how Burroughs Law Office, P.C. ("Developer," "we," "us," or "our") handles information in connection with the VFL Toolkit application ("App"). This Policy applies to all users ("you" or "User") who download, install, access, or use the App on any Apple device.
This App is designed with privacy-first principles. The vast majority of data processing occurs on your device. The Developer does not independently collect, access, or store your personal information. Certain optional features involve transmission of data to third-party services under your control, as described below.
2. Definitions
"User Data" — Any information, documents, calculations, case details, or other materials input or generated by you within the App.
"Device" — Any Apple-branded hardware (including iPhone, iPad, or Mac) on which the App is installed.
"Personal Information" — Information that identifies, relates to, or could reasonably be linked to you or your household.
"Third-Party Services" — Services not owned or controlled by the Developer, including Apple iCloud, Clio Manage, Paxton AI, calendar services, and email services.
3. Information We Do NOT Collect
The Developer does not collect, access, store, process, or transmit any of the following:
- Personal information of any kind
- User Data or documents processed within the App
- Device information or identifiers
- Usage analytics or app performance data
- Location information
- Contact information
- Account credentials or authentication data
4. Data Processing and Storage
4.1 On-Device Storage
All User Data — including client records, matter details, calculations, and generated documents — is stored locally on your Device using Apple's SwiftData framework. The Developer has no ability to access this data.
4.2 iCloud Sync (Optional)
If you enable iCloud sync, your data is synchronized across your Apple devices using Apple's CloudKit service. This data is encrypted in transit and at rest by Apple. The Developer does not have access to your iCloud data. Apple's privacy policy governs iCloud data handling.
4.3 Clio Manage Integration (Optional)
If you choose to connect your Clio Manage account, the App will transmit certain User Data to Clio's servers, including:
- Client names and contact information
- Matter details (case numbers, court information, party names)
- Generated PDF documents uploaded to Clio
- Calculation summaries saved as Clio notes
This data transfer occurs only at your direction and requires your explicit authentication with Clio via OAuth 2.0. The Developer does not store your Clio credentials; authentication tokens are held in the iOS Keychain on your Device. Clio's privacy policy governs data stored on Clio's servers. A separate Clio Manage subscription is required.
4.4 Calendar Integration (Optional)
If you grant calendar access, the App can create, view, and remove calendar events for case deadlines. This uses Apple's EventKit framework and interacts only with calendars configured on your Device (including calendars synced via iCloud, Google, or Outlook). The Developer does not access your calendar data.
4.5 Paxton AI (External Service)
The App provides quick-access links to Paxton AI for legal research. If you choose to visit Paxton AI, you will be directed to their website via an in-app browser or your default browser. The Developer does not transmit any User Data to Paxton AI. Paxton AI's privacy policy governs your use of their service. A separate Paxton AI account is required.
4.6 No Developer Access
The Developer does not have any technical capability to access, view, collect, or retrieve any User Data processed within the App. All information remains solely under your control.
4.7 Microsoft OneDrive for Business Integration (Optional)
If you choose to connect your Microsoft OneDrive for Business account, the App can upload and store generated PDF documents to your OneDrive for Business storage. This data transfer occurs only at your direction and requires your explicit authentication with Microsoft via OAuth 2.0. Authentication tokens are held in the iOS Keychain on your Device. The Developer does not store your Microsoft credentials or have access to your OneDrive data. Microsoft's privacy policy governs data stored on Microsoft's servers. A separate Microsoft 365 Business account is required.
5. Data Retention
Since the Developer does not collect or store any data, there are no data retention periods applicable to the Developer. You control all aspects of data retention on your Device and within any third-party services you choose to use.
6. User Control and Data Export
6.1 Complete User Control
You maintain complete control over all User Data. You can delete, modify, export, or back up your data at any time using the App's built-in features.
6.2 Data Export
The App provides functionality to export your data as PDF documents, which you may save, share, or print. When you export data to third-party services, those services' privacy policies apply.
6.3 Clio Data Management
You can connect or disconnect your Clio account at any time from the App's settings. Disconnecting removes authentication tokens from your Device but does not delete data already synced to Clio. To remove data from Clio, use Clio's own data management tools.
6.4 No Developer Recovery Capability
The Developer cannot recover, restore, or access your data under any circumstances, including device loss, damage, or accidental deletion.
7. Security
7.1 Device Security
You are responsible for maintaining security on your Device, including enabling Face ID or Touch ID, setting strong passcodes, and keeping your operating system updated. The App offers optional biometric lock (Face ID / Touch ID) for additional protection.
7.2 Clio Authentication Security
Clio OAuth tokens are stored in the iOS Keychain with encryption. The Clio client secret is held on a secure server-side proxy and is never exposed to the App or your Device.
7.3 Security Incident Response
In the event of a security vulnerability in the App, the Developer will investigate promptly, release patches as needed, and notify users through App Store update notes.
8. Third-Party Services
8.1 No Third-Party Analytics
The App does not integrate with any third-party analytics services, crash reporting tools, or advertising networks.
| Service | Purpose | Data Shared | Required |
|---|---|---|---|
| Apple iCloud / CloudKit | Cross-device sync | All App data (encrypted) | Optional |
| Clio Manage | Practice management sync | Clients, matters, documents, notes | Optional |
| Apple EventKit | Calendar deadlines | Event titles and dates | Optional |
| Paxton AI | Legal research (external link) | None | Optional |
| Fastcase | Legal research (external link) | None | Optional |
When you use third-party services, the Developer has no control over their privacy practices and is not responsible for their data handling.
9. Children's Privacy
The App is not directed at children under 13 and does not knowingly collect information from children.
10. GDPR Compliance
Since the Developer does not process personal data, no legal basis for processing is required under GDPR. EU users may exercise data rights directly through the App's built-in functionality and through any third-party services they choose to use.
11. International Data Transfers
The Developer does not transfer data internationally. If you enable iCloud sync or Clio integration, those services may transfer data according to their own policies.
12. Privacy Policy Updates
12.1 Right to Modify
The Developer reserves the right to update this Policy to reflect changes in App functionality, legal requirements, or security measures.
12.2 Notification
Material changes will be communicated through App Store update notes and, where feasible, in-app notification.
12.3 Continued Use
Your continued use of the App after changes constitutes acceptance of the updated Policy.
13. Legal Compliance
Since the Developer does not collect, store, or have access to User Data, the Developer cannot comply with requests for user information from law enforcement or other agencies.
14. Contact Information
For questions or concerns related to this Privacy Policy:
Email: lawren@burroughs.law
Burroughs Law Office, P.C.
4445 Corporation Ln STE 225
Virginia Beach, VA 23462
Response time: Typically within 30 days.
15. Disclaimers
15.1 No Warranty
The privacy protections described herein are provided "as is" without warranty of any kind.
15.2 User Responsibility
You are responsible for Device security, choosing secure third-party services, and complying with applicable privacy laws.
15.3 Integration with Terms of Use
This Policy should be read with the App's Terms of Use. In case of conflict, the Terms of Use govern.
Last Updated: February 1, 2026 | Version: 1.0
By using the VFL Toolkit application, you acknowledge that you have read, understood, and agree to this Privacy Policy.