Privacy Policy

1. Data Collection

  • Personal Data: Name, email, contact number, billing address, payment details (via PCI-DSS compliant gateways like Stripe/JazzCash).
  • Optional: Profession (e.g., lawyer, student), firm/organization.
  • Usage Data: IP address, browser type, device info, pages visited, search queries.
  • Cookies: Essential, functional, and analytics cookies used to personalize experience.

2. Use of Data

  • To provide Services, process payments, and manage accounts.
  • To send updates about judgments, legal opinions, or policy changes.
  • To improve Website functionality via analytics (e.g., Google Analytics).
  • To prevent fraud/abuse under PECA, 2016.
  • Legal Basis: Performance of contract, legitimate interests (security, analytics), and consent (for marketing emails; opt-out anytime).

3. Data Sharing and Disclosure

  • Third Parties: Payment processors (transaction data only), cloud hosting providers (Pakistan/UAE).
  • Never shared: No sale to advertisers or data brokers.
  • Legal Requirements: Disclosure if required under Qanun-e-Shahadat Order, 1984 or Anti-Terrorism Act, 1997.

4. Data Security

  • Encryption: SSL/TLS for secure transmission.
  • Access Control: Staff trained on confidentiality; limited access.
  • Breach Protocol: Notify users and NR3C within 72 hours.

5. User Rights

  • Access/Correction: View or update data via dashboard.
  • Deletion: Request account deletion (processed in 30 days; usage data anonymized).
  • Object/Restrict: Opt out of marketing or limit data processing.

6. Retention Period

  • Data retained while account is active.
  • Inactive accounts (2+ years) are anonymized or deleted.
  • Payment records retained for 7 years per tax laws.

7. Children’s Privacy

Services are not intended for users under 18. Underage accounts are deleted upon discovery.

8. International Transfers

Data is primarily stored in Pakistan. Transfers to UAE or other countries use standard contractual clauses or adequacy decisions.

9. Updates to Policy

Policy changes are posted on the Website. Material changes are emailed to members.

Contact Information

  • Data Controller: Pakistan Law Library
  • Address: [Insert Physical Address in Pakistan]
  • Email: [Your Support Email]
  • Phone: [Your Contact Number]
  • Grievance Officer: [Designated Name]
  • Email: [Compliance Email] (Required under PECA, 2016)

Compliance Notes

  • Aligned with PECA 2016, Electronic Transactions Ordinance 2002, and GDPR principles.
  • Explicit checkboxes during sign-up for Terms and Privacy Policy.
  • Urdu translation available upon request (Article 251 of Pakistan’s Constitution).

Disclaimer: This policy is a template. Consult a licensed Pakistani attorney for case-specific legal review.

On this page
1. Data Collection 2. Use of Data 3. Data Sharing and Disclosure 4. Data Security 5. User Rights 6. Retention Period 7. Children’s Privacy 8. International Transfers 9. Updates to Policy Contact Information Compliance Notes