At a glance
What we collect
- ·Information you enter into a contact form (name, email, optional company, optional practice-area interest, message).
- ·If you join a waitlist, your email address and which update you asked for—stored only after you confirm it by email (double opt-in).
- ·A hashed (one-way) version of your IP address, used only for short-term rate limiting on our forms.
- ·Standard server logs (request URL, timestamp) kept by our hosting provider for routine operations.
What we do not do
- ·No third-party analytics, advertising trackers, or behavioral profiling.
- ·No tracking cookies set by this site.
- ·No selling or renting of personal information.
- ·No collection of sensitive personal information (financial, health, government IDs) through this website.
Information we collect
The only information you provide directly to us through this website is what you choose to enter into a contact form, including:
- Your name and email address;
- Optionally, your company or affiliation;
- Optionally, the practice area you are interested in;
- The contents of your message.
If you join a waitlist for one of our updates (for example, the Signals brief or custom alerts), we collect your email address and a record of which update you requested. We use a double opt-in process: we email you a confirmation link, and your address is only added to the list once you click it. Until you confirm, an unconfirmed entry is automatically deleted after a short period (see Retention).
When a form is submitted, our servers also receive your IP address. We do not retain the raw IP. Instead we compute a one-way salted hash of it and use that hash for short-term rate limiting. The hash cannot be reversed to recover the original IP.
Like any web service, our hosting and infrastructure providers maintain operational logs (request URLs, timestamps, response codes) on our behalf. We do not use those logs for marketing, profiling, or sale.
How we use information
We use the information you submit to:
- Respond to your inquiry;
- Conduct a conflicts check, if relevant, before a substantive response;
- Maintain records of communications with the firm consistent with applicable rules of professional conduct;
- Send you the specific update you asked for, if you joined a waitlist—and only that update;
- Operate, secure, and improve this website (including preventing abuse and spam).
We only send list emails to addresses that have confirmed their subscription, and every such email includes an unsubscribe link you can use at any time. We will not use the information you provide for any other marketing outreach without your consent. We do not sell, rent, or trade your information.
Service providers
We rely on a small set of established service providers (“subprocessors”) to operate this website. Each processes information only on our instructions, under a data processing agreement, and is itself independently audited (SOC 2 Type II or equivalent):
- Vercel — website hosting and content delivery (serves pages, maintains operational logs).
- Supabase — managed database that stores contact-form submissions and waitlist signups.
- Resend — email delivery for confirmation and list emails.
- Sentry — error and performance monitoring. We configure it not to collect personal data: it does not attach your IP, and any recorded session view masks all text and form inputs.
These providers may process and store information on servers located in the United States. We have data processing agreements in place with each, and rely on appropriate safeguards (such as the Standard Contractual Clauses) for any transfer of personal data from the EEA, UK, or Switzerland.
Retention
We retain contact-form submissions for as long as needed to respond to your inquiry and to maintain records consistent with applicable rules of professional conduct. We delete submissions on request, subject to any retention obligations imposed by law.
For waitlists, an unconfirmed signup is automatically deleted if it is not confirmed within 90 days. A confirmed signup is kept until you unsubscribe, after which it is removed from the active list. The hashed-IP record used for rate limiting expires automatically.
Security
We take reasonable steps to protect the information you submit. The form is delivered over HTTPS. Submissions are stored in a managed database with access controls. We avoid collecting more information than we need.
No transmission over the internet, and no system of electronic storage, is completely secure. If you have a sensitive matter, please reach out by phone or in person rather than entrusting the substance of the matter to a web form.
Your rights
Regardless of where you live, you may contact us to:
- Ask what information we hold about you that you provided through this website;
- Request correction of inaccurate information;
- Request deletion of information you have submitted (subject to legal retention obligations);
- Unsubscribe from any list email, either through the unsubscribe link in the email itself or by contacting us;
- Withdraw consent to communications you previously opted into.
We will respond within a reasonable time. If we cannot honor a request because of a legal obligation, we will tell you why.
California residents
California residents may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including the rights to know, delete, correct, and limit certain uses of personal information.
We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under California law. To exercise a California right, contact us using the information below and identify yourself as a California resident.
EU, UK, and data transfers
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) or equivalent local law may apply to information we collect from you.
Our legal bases for processing are: your consent (when you voluntarily submit a contact form or confirm a waitlist signup), our legitimate interests in operating and securing our website and responding to inquiries, and, where relevant, compliance with legal obligations. Where we rely on consent, you may withdraw it at any time.
Because our service providers are based in the United States (see Service providers), personal data may be transferred to and processed there. For such transfers we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses and the UK equivalent.
You have rights to access, rectify, erase, restrict, object to, or port your personal data, and to lodge a complaint with your local data protection authority. To exercise these rights, contact us using the information below.
Children
This website is not directed at children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has submitted information through this site, please contact us and we will delete it.
Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. Material changes will be highlighted in an appropriate manner.
Contact us
To exercise any right under this policy, or to ask a question:
- Emailhello@bellementis.com
- MailBellementis PLLC
1725 I Street, NW, Third Floor
Washington, DC 20006 - Phone(202) 349-3745
