Privacy Policy

Effective Date: March 12, 2026

Last Updated: March 12, 2026

Introduction

Schallert PC, A Woman Owned Professional Law Corporation ("Schallert PC," "we," "our," or "us") is committed to protecting the privacy and security of personal information. This Privacy Policy describes how we collect, use, disclose, and otherwise process personal information in connection with our website located at www.schallertpc.com (the "Site"), as well as our legal services, communications, and business operations.

This Privacy Policy is provided in compliance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, "CCPA"), and the regulations adopted by the California Privacy Protection Agency ("CPPA"), including those effective January 1, 2026. To the extent that other state or federal privacy laws apply to our processing of your personal information, we will comply with those laws as well.

Schallert PC specializes in workers' compensation defense, representing insurance carriers, third-party administrators (TPAs), public entities, and self-insured employers throughout the State of California. This Privacy Policy applies to California residents ("consumers") who interact with us through our Site, legal engagement, or other business communications.

Scope and Applicability

What This Policy Covers

This Privacy Policy applies to personal information we collect from or about:

• Visitors to our Site at www.schallertpc.com
• Prospective, current, and former clients
• Opposing parties, witnesses, claimants, and other individuals involved in litigation matters we handle
• Individuals who contact us via email, telephone, or other direct communication channels on our Site
• Business contacts at insurance carriers, TPAs, public entities, and self-insured organizations

What This Policy Does Not Cover

This Privacy Policy does not apply to:

• Information collected, processed, or maintained by Schallert PC solely in its capacity as a service provider or contractor acting on behalf of a client, where such information is subject to a written agreement with that client and processed exclusively for the client's purposes.
• Information that is protected by the attorney-client privilege, the work product doctrine, or other applicable legal privileges or immunities. The CCPA does not require disclosure of privileged information, and nothing in this Privacy Policy shall be construed as a waiver of any such privilege.
• Personal information collected and used solely within the context of an individual's role as a job applicant, employee, owner, director, officer, or contractor of Schallert PC, to the extent such information is exempt under CCPA §1798.145(h).
• Personal information reflecting a written or verbal business-to-business (B2B) communication or transaction, to the extent such information is exempt under CCPA §1798.145(n).
• De-identified or aggregated information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer or household.

Categories of Personal Information We Collect

In the preceding twelve (12) months, we have collected the following categories of personal information from consumers, as defined under CCPA §1798.140(v):

Sensitive Personal Information

In the course of providing legal services related to workers' compensation defense, we may collect or process the following categories of sensitive personal information as defined under CCPA §1798.140(ae):

Social Security number, driver's license number, or state identification card number (when provided in connection with a legal matter or as required for court filings)

Racial or ethnic origin (only where relevant to the legal matter)

Health and medical information, including physical or mental health diagnoses, treatment records, and medical provider information (as produced in workers' compensation proceedings)

Contents of mail, email, or text messages (where Schallert PC is not the intended recipient, and only as obtained through litigation discovery or lawful processes)

We use and disclose sensitive personal information only as reasonably necessary and proportionate to provide the legal services for which such information was collected, and for the additional purposes permitted under CCPA §1798.121(a). We do not use sensitive personal information for purposes of inferring characteristics about consumers beyond what is necessary for legal representation.

How We Collect Personal Information

Information You Provide Directly

We collect personal information that you voluntarily provide to us when you:

• Contact us via email at team@schallertpc.com or through the phone contact listed in our header and footer
• Submit information through email or telephone channels on our Site
• Engage us for legal representation
• Correspond with our firm in connection with any legal matter, business inquiry, or referral

Information Collected Automatically

Our Site is hosted on Netlify, a third-party content delivery and hosting platform. Schallert PC does not deploy any client-side tracking technologies, cookies, pixels, beacons, or analytics scripts on the Site. We do not use Google Analytics, Facebook Pixel, or any similar third-party tracking tools.

However, as part of its standard hosting operations, Netlify's server infrastructure automatically collects certain technical information when you visit our Site, including IP addresses, browser type, operating system, referring URLs, pages requested, and timestamps. This information is collected at the server level through standard HTTP access logs and is not collected through cookies or client-side scripts. For information about Netlify's own data practices, please review Netlify's Privacy Policy at https://www.netlify.com/privacy/.

Information from Third Parties

We may receive personal information about you from third-party sources in the course of providing legal services, including:

• Insurance carriers, TPAs, and self-insured employers that engage our firm
• Opposing parties and their counsel
• Courts, administrative agencies (including the Workers' Compensation Appeals Board), and other governmental entities
• Medical providers and medical record custodians through authorized releases or subpoena
• Investigators, vocational experts, medical examiners, and other professionals retained in litigation

Business and Commercial Purposes for Collecting and Using Personal Information

We collect and use personal information for the following business and commercial purposes:

• Providing legal services. To provide workers' compensation defense, 132(a) defense, fraud defense, lien resolution, mediation and arbitration representation, and carve-out and MSA negotiation services to our clients.
• Communicating with you. To respond to your inquiries, schedule consultations, provide case updates, and otherwise communicate with clients, prospective clients, opposing parties, carriers, TPAs, and courts.
• Complying with legal obligations. To comply with applicable federal, state, and local laws, regulations, court orders, and legal process, including but not limited to obligations under the California Labor Code, the Rules of Professional Conduct, and the Workers' Compensation Act.
• Maintaining security and preventing fraud. To protect the security and integrity of our Site, systems, data, and business operations, and to detect and prevent fraud, unauthorized access, and other illegal activities.
• Internal operations and administration. To manage our firm's business operations, including billing, conflict checks, document management, quality assurance, and professional development.
• Exercising and defending legal claims. To establish, exercise, or defend legal claims on behalf of our clients or the firm.
• Operating and maintaining the Site. To operate, maintain, and ensure the functionality and security of www.schallertpc.com.
• We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you with notice and, where required, obtaining your consent.

Disclosure of Personal Information

Categories of Third Parties

We may disclose your personal information to the following categories of third parties for the business purposes described in Section 5:

• Our clients (insurance carriers, TPAs, public entities, and self-insured employers) in connection with the legal matters for which we are engaged
• Courts, administrative agencies, arbitrators, mediators, and other tribunals
• Opposing parties and their counsel, as required or permitted by applicable rules of procedure and professional conduct
• Expert witnesses, investigators, medical examiners, and other professionals retained in connection with legal matters
• Service providers that assist us in operating our business, such as IT and cloud service providers (including Netlify for website hosting), billing and payment processors, document management providers, and legal research platforms
• Government agencies and regulatory bodies, as required by law or legal process
• Professional advisors, including accountants, auditors, and insurance providers, in connection with the operation of our firm

No Sale or Sharing of Personal Information

Schallert PC does not sell personal information as defined under CCPA §1798.140(ad). We have not sold personal information in the preceding twelve (12) months, and we do not have actual knowledge that we sell the personal information of consumers under 16 years of age.

Schallert PC does not share personal information for cross-context behavioral advertising as defined under CCPA §1798.140(ah). Because our Site does not deploy third-party tracking technologies, cookies, pixels, or advertising scripts, no personal information is transferred to third parties for behavioral advertising purposes.

Accordingly, we do not display a "Do Not Sell or Share My Personal Information" link on our Site, as such a link is not required where no sale or sharing occurs. Should our data practices change in the future, we will update this Privacy Policy and provide appropriate opt-out mechanisms.

Retention of Personal Information

We retain personal information for as long as reasonably necessary to fulfill the purposes for which it was collected, including to satisfy our legal, ethical, regulatory, and professional obligations. Specific retention periods are determined based on the following criteria:

Client and case files: Retained for a minimum of five (5) years following the closure of the matter, or longer as required by the California Rules of Professional Conduct, applicable statutes of limitations, or client instructions.

Billing and financial records: Retained for a minimum of seven (7) years in accordance with applicable tax and accounting requirements.

Website server logs: Netlify retains standard server access log data for up to thirty (30) days as part of its standard hosting operations. Schallert PC does not independently retain copies of server access log data.

Email and telephone inquiries: Retained for as long as necessary to respond to the inquiry and for a reasonable period thereafter, or as required for record-keeping in connection with a legal matter, typically up to three (3) years.

All other personal information: Retained for the duration of the business relationship plus a reasonable period as necessary for legal compliance, or until the information is no longer needed for the purposes for which it was collected.

When personal information is no longer necessary for its stated purposes and no legal obligation requires its retention, we will securely delete or de-identify it.

Your Rights Under the CCPA

If you are a California resident, you have the following rights with respect to your personal information, subject to certain exceptions provided under the CCPA and applicable regulations:

Right to Know / Right of Access

You have the right to request that we disclose to you the categories and specific pieces of personal information we have collected about you in the preceding twelve (12) months, the categories of sources from which it was collected, the business or commercial purposes for which it was collected or sold, and the categories of third parties to whom we disclosed it. You may request this information up to two (2) times in a twelve-month period.

Right to Delete

You have the right to request that we delete personal information we have collected from you, subject to certain exceptions. We may deny your deletion request if retaining the information is necessary for us or our service providers to complete a transaction, provide a good or service, comply with a legal obligation, exercise or defend legal claims, detect security incidents, or otherwise use the information internally in a lawful manner compatible with the context in which it was provided.

Right to Correct

You have the right to request that we correct inaccurate personal information that we maintain about you, taking into account the nature of the personal information and the purposes for which we process it.

Right to Opt-Out of Sale/Sharing

As stated in Section 6.2, Schallert PC does not sell or share your personal information. If our practices change, we will provide an opt-out mechanism and update this Privacy Policy accordingly.

Right to Limit Use and Disclosure of Sensitive Personal Information

Where we collect sensitive personal information, you have the right to direct us to limit the use and disclosure of your sensitive personal information to that which is necessary to perform the legal services for which such information was collected or as otherwise permitted under the CCPA. As described in Section 3.1, we use sensitive personal information only for purposes authorized under CCPA §1798.121(a).

Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. We will not deny you goods or services, charge you different prices or rates, provide you a different level or quality of service, or suggest that you may receive a different price, rate, or quality level for exercising your rights.

How to Exercise Your Rights

To submit a verifiable consumer request to exercise any of the rights described in Section 8, you may contact us through any of the following methods:

Contact Methods

• By Email: team@schallertpc.com
• By Phone: Use the phone contact listed in our header and footer
• By Mail: Schallert PC, Privacy Request, at the address listed on our Site
• When contacting us, please include "CCPA Privacy Request" in the subject line or at the beginning of your correspondence.

Verification

Upon receiving a request, we must verify that the person making the request is the consumer about whom we have collected information, or is an authorized agent of that consumer. Our verification process may require you to provide information that matches information we already have on file. The specific information requested will depend on the nature and sensitivity of the request. For requests to access specific pieces of personal information, we will apply a heightened level of verification, which may include a signed declaration under penalty of perjury.

We will not request that you provide additional personal information beyond what is reasonably necessary for verification, and we will not use information submitted for verification purposes for any other purpose.

Authorized Agents

You may designate an authorized agent to submit a request on your behalf. If you do so, we may require the authorized agent to provide proof of your written authorization (such as a power of attorney or signed letter of authorization), and we may require you to verify your own identity directly with us and confirm that you authorized the agent to act on your behalf, unless the agent provides a valid power of attorney under California Probate Code §§4000-4465.

Response Timeline

We will acknowledge receipt of your request within ten (10) business days. We will respond to a verifiable consumer request within forty-five (45) calendar days of receiving the request. If we reasonably require more time (up to an additional forty-five (45) calendar days), we will inform you of the reason and the extension period in writing. If we are unable to fulfill your request, we will explain the reason in our response.

Cookies, Tracking Technologies, and Opt-Out Preference Signals

Our Site Does Not Use Cookies or Tracking Technologies

Schallert PC does not deploy any first-party or third-party cookies, tracking pixels, web beacons, browser fingerprinting technologies, or client-side analytics scripts on our Site. We do not engage in cross-context behavioral advertising. We do not use Google Analytics, Facebook Pixel, LinkedIn Insight Tag, or any similar service.

Our Site is a static website hosted on Netlify's content delivery network (CDN). Netlify's hosting infrastructure may process standard HTTP request data (such as IP address, user agent, and timestamps) as part of its server-side operations. Schallert PC has not enabled Netlify's optional analytics product or any additional tracking integrations.

Opt-Out Preference Signals / Global Privacy Control

Although our Site does not sell or share personal information and does not deploy tracking technologies, we respect browser-based opt-out preference signals such as the Global Privacy Control (GPC). If we receive a GPC signal or similar opt-out preference signal from your browser, we will treat it as a valid request to opt out of the sale and sharing of personal information associated with that browser, to the extent applicable. Because we do not currently sell or share personal information, no action is required on our part in response to such signals; however, we honor them as a matter of principle and in compliance with CCPA §1798.135(e).

Personal Information of Minors

Schallert PC does not knowingly collect personal information from individuals under the age of sixteen (16) through our Site. Our legal services are directed to adults and business entities. If we become aware that we have collected personal information from a minor under 16 without proper consent, we will take steps to delete that information as promptly as possible. If you believe that we have collected personal information from a minor, please contact us at team@schallertpc.com.

Security of Personal Information

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, destruction, use, modification, or disclosure. These safeguards include, but are not limited to:

Encryption of data in transit (TLS/SSL) on our Site

Access controls limiting personnel who can access personal information to those with a legitimate business need

Use of secure, professionally managed hosting infrastructure (Netlify)

Employee and contractor training on data protection and confidentiality obligations

Retention and disposal policies designed to minimize the retention of personal information beyond what is necessary

No method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at team@schallertpc.com.

Financial Incentives

Schallert PC does not offer financial incentives, price or service differences, or loyalty programs that are related to the collection, retention, sale, or sharing of personal information. Accordingly, no notice of financial incentive is required at this time. If we introduce any such programs in the future, we will update this Privacy Policy and provide the required disclosure.

Third-Party Websites and Services

Our Site may contain links to third-party websites or services that are not operated or controlled by Schallert PC. This Privacy Policy does not apply to such third-party websites or services. We encourage you to review the privacy policies of any third-party websites or services that you visit. We are not responsible for the privacy practices of third parties.

Automated Decision-Making Technology (ADMT)

Schallert PC does not use automated decision-making technology to make significant decisions about consumers as defined under the CPPA's ADMT regulations effective January 1, 2027. All substantive decisions related to legal strategy, case evaluation, and client communication are made by our licensed attorneys exercising professional judgment. Should our use of technology change in a manner that implicates the ADMT provisions of the CCPA, we will update this Privacy Policy and provide required notices accordingly.

Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Because there is no universally accepted standard for how to respond to DNT signals, our Site does not currently respond to DNT signals. However, as described in Section 10.2, we do honor Global Privacy Control (GPC) signals, which serve a similar function under California law.

Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make material changes, we will update the "Last Updated" date at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. We will provide notice of any material changes as required by applicable law. This Privacy Policy will be reviewed and updated at least once every twelve (12) months.

Contact Information

If you have any questions, comments, or concerns about this Privacy Policy, our data practices, or if you wish to exercise your privacy rights, please contact us:

• Schallert PC
• Email: team@schallertpc.com
• Phone: Use the phone contact listed in our header and footer
• Website: www.schallertpc.com
• For privacy-specific inquiries, please include "CCPA Privacy Request" or "Privacy Inquiry" in the subject line of your correspondence to ensure timely routing and response.

California Consumer Request Metrics

In accordance with CCPA §1798.185(a)(7) and implementing regulations, Schallert PC will compile and disclose the following information annually regarding consumer requests received in the prior calendar year:

The number of requests to know, requests to delete, and requests to opt-out received, complied with (in whole or in part), and denied

The median or mean number of days within which we substantively responded to each type of request

This information will be made available on our Site or upon request, as required by applicable regulations.

Supplemental Notices for Other Jurisdictions

While this Privacy Policy is drafted to comply with the CCPA/CPRA, Schallert PC recognizes that other state privacy laws may apply to individuals with whom we interact. To the extent that laws such as the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), or other state privacy legislation apply to our processing of personal information, we will comply with those laws' requirements, including any additional consumer rights or disclosure obligations. If you are a resident of a state with a comprehensive privacy law and wish to exercise your rights, please contact us using the methods described in Section 9.

Notice at Collection

Pursuant to CCPA §1798.100(b) and CPPA Regulation §7012, this Privacy Policy serves as our Notice at Collection of Personal Information. The categories of personal information we collect, the purposes for which each category is collected, and the retention periods for each category are described in Sections 3, 5, and 7, respectively. We do not sell or share personal information. We do not use or disclose sensitive personal information for purposes beyond those authorized under CCPA §1798.121(a).