Privacy Policy for LOPX

Last Updated: September 20, 2025

At LOPX, we are committed to protecting your privacy and ensuring a secure experience on our platform, which connects personal injury (PI) law firms and healthcare providers to streamline provider searches, case management, and communication. This Privacy Policy explains how we collect, use, protect, and share your personal information. Your data is securely stored within LOPX, HIPAA compliant, and your email, address, and location data are never shared with other platforms. By using LOPX, you agree to these practices.

1. Information We Collect

We collect information necessary to deliver our services:

Personal Information

Name, email address, phone number, location
Law firm or healthcare provider details (e.g., credentials, licenses)
Payment information (for premium plans, processed via secure third-party gateways)

Client and Case Information

Patient details (e.g., name, date of birth, injury details, medical history, location)
Protected Health Information (PHI) like treatment notes or referral sources, handled per HIPAA standards

Usage Information

Account settings, preferences, search queries, chat logs
Technical data (e.g., IP address, browser type, device info) via cookies or similar tools

Communication Information

Emails, customer support inquiries, feedback, or survey responses

2. How We Use Your Information

We use your information to:

Provide Services

Manage accounts, match law firms with providers, process LOP requests, and enable secure communication.

Personalize experience

Deliver tailored search results and recommendations

Process payments

Handle subscriptions securely via third-party processors

Improve the platform

Enhance search functionality and performance based on usage analytics

Ensure compliance

Meet legal obligations (e.g., HIPAA, CCPA) and prevent fraud

3. How We Share Your Information

Your data stays within LOPX and is not shared with other platforms:

Email, Address, Location

Never shared with external platforms

Within LOPX

Case details shared only between connected law firms and providers for collaboration

Service Providers

Trusted third parties (e.g., AWS for hosting, Stripe for payments) under strict data protection agreements, including HIPAA-compliant Business Associate Agreements for PHI

Legal Compliance

Shared only if required by law (e.g., subpoenas, HIPAA disclosures) or to protect LOPX’s rights

Business Transfers

Shared in mergers or sales, with user notice

No Sales

We do not sell your personal information or PHI

4. Data Security

Your data is securely stored within the LOPX platform with robust measures:

HIPAA compliance

Firewalls, multi-factor authentication, and secure US-based servers

No system is 100% secure, but we take every reasonable precaution

5. Data Retention

We retain data only as needed:

Account and case data

Kept for active use; PHI retained for 7 years post-case per HIPAA

Inactive accounts

Archived after 24 months, deleted after 5 years

Secure deletion

Data is securely deleted using industry-standard methods when no longer needed

Improve the platform

Enhance search functionality and performance based on usage analytics

Ensure compliance

Meet legal obligations (e.g., HIPAA, CCPA) and prevent fraud

6. Your Rights

You have control over your data:

Access/Correction

View or update your information via your account or privacy@lopx.com

Deletion

Request account/data deletion, subject to legal retention requirements

Opt-Out

Unsubscribe from marketing or disable non-essential cookies

CCPA (California)

Know, delete, or opt out of data “sales” (none occur); limit sensitive data use

HIPAA

Access, amend, or request restrictions on PHI; get disclosure accounting

GDPR (EU/UK)

Access, rectify, erase, restrict, or port data; object to processing

Submit requests to privacy@lopx.com; we respond within 30–45 days with identity verification.

7. Cookies and Tracking Technologies

We use cookies for functionality, analytics, and personalization:

Purpose

Cookies are used for functionality, analytics, and personalization

Types

Essential cookies are required; optional cookies (analytics, marketing) are enabled via our consent banner

Management

You can manage cookies in browser settings or our Cookie Policy

8. Third-Party Links

LOPX may link to third-party sites (e.g., provider websites) not covered by this policy. Review their privacy policies, as we are not responsible for their practices.

9. International Data Transfers

Data may be processed in the US. EU/UK transfers comply with GDPR’s Standard Contractual Clauses.

10. Children’s Privacy

LOPX is for users 18+. We do not knowingly collect children’s data and will delete it if discovered.

11. Changes to This Privacy Policy

We may update this policy, with changes posted on our site and notified via email or dashboard. Continued use indicates acceptance.

12. Contact Us

For questions or concerns:

LOPX Privacy Officer

100 Crescent Court, Suite 700, Dallas, Texas 75201 
Email: privacy@lopx.com
Phone: (214) 930-0029

For HIPAA concerns: hipaa@lopx.com or contact the HHS Office for Civil Rights.
For GDPR, contact your local data protection authority.