Privacy policy

Effective Date: 15 February 2024

Josef Legal Pty Ltd (ACN 619 557 452) (collectively Josef, we, us, and our) is committed to keeping your personal information safe, secure and private. This privacy policy (Privacy Policy) applies to the information and data collected by Josef as a controller, including the information we collect from you on our website and through our products and services, and is intended to provide you with information about what personal data Josef collects about you and how it is used.

It sets out how Josef will collect, use, store and dispose of any personal information collected via the website (Josef website) and our products and services.

By visiting the Josef website, using our products and services or otherwise interacting with us, you agree to us processing your personal information in accordance with this Privacy Policy.

We may update this Privacy Policy from time to time. If we do so, we will post any changes to our Privacy Policy on the Josef website. If the changes are significant we will send you details of those changes by email.

How we collect personal information

“Personal information” or “personal data” is any information about an individual which can be used to identify them. We may collect personal information from you in the following circumstances:

– when you interact with us electronically or access the Josef website (e.g. by signing up to our subscription page or newsletter, requesting a demonstration of our products, using our products, clicking links, or completing a form or survey)

– when your employer uses our products and/or services, they may provide your personal information to us on your behalf (e.g. when you are registered as a user of our products and services for the purposes of setting you up with account access);

– when you contact our support team or make an enquiry about our products and services;

– if you are an employee or prospective employee of Josef we may collect personal information from you or other third parties (e.g. recruiters);

– As is true of most other websites, Josef’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of Josef’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, to help protect against data breaches caused by malicious bots and gather broad demographic information that assists us in identifying visitor preferences.

We may also receive personal information about you from third parties. If we do, we will handle and protect it as set out in this Privacy Policy.

The Josef website and our products and services are not intended for or targeted at persons under 16 years of age and we do not knowingly or intentionally collect information about persons under 16 years of age.

The kinds of personal information we collect

The personal information we collect may include your name, email address, business name, phone number and any other contact information you provide us, information about your legal and personal affairs and any other information requested by us and provided by you.

We do not generally collect sensitive information about you. Sensitive information includes things like information or opinions about your racial or ethnic origin, political opinion, religious beliefs and sexual orientation.

To protect against malicious bots interacting with our website Josef has enabled Google Recaptcha which may collect your information such as referrer URL, IP Address, Operating system information, Cookies, Mouse and keyboard behaviour, date and language settings, JavaScript objects and screen resolution.

How we may use personal information

We may use personal information collected from you to:

– contact you or to provide you with information, updates and our services;

– improve our products and services and better understand your needs and improve your browsing experience of the Josef website;

– promote our services and products and share promotional information and content with you in accordance with your preferences.

We only use the information we collect in a manner consistent with your relationship with us and in compliance with this Privacy Policy.

Processing personal information of persons from the European Economic Area (EEA)

If you are located in the EEA, we process personal information in accordance with the principles of data processing under the General Data Protection Regulation. Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform our obligations under a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

When you visit our website, or use our product and services, we collect your IP address for security reasons pursuant to our legitimate interest under the GDPR.

Disclosure of personal information

We may disclose your personal information to our employees. We will only disclose your personal information to third parties if you have authorised us to do so, if our businesses or assets (or part thereof) are transferred to that third party or if it is required, authorised or permitted by law.

We do not otherwise reveal your personal data to third parties for their independent use unless:

(1) you request or authorize it;

(2) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others;

(3) the information is provided to our agents, vendors or service providers who perform functions on our behalf;

(4) to address emergencies or acts of God;

(5) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf; or

(6) We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for product and services improvement and/or marketing or promotional purposes.

How we hold personal information

Information that we collect is stored on the servers of the cloud-based database management services Josef engages. That information may from time to time be stored, processed in or transferred between parties located in countries outside of the country in which you access Josef. This may include, but is not limited to, the USA. By using Josef’s services, you acknowledge that your personal information may be processed in the United States to enable Josef to perform a contract with you; or to fulfill a compelling legitimate interest of Josef in a manner that does not outweigh your rights and freedoms. Josef endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Josef and the practices described in this Privacy Statement. Josef also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Josef has received zero government requests for information.

If you are located in the EEA, note that the USA has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, we provide for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. We also take additional “supplementary measures” to ensure the protection of this data, in accordance with guidance from the European Data Protection Board.

Before we transfer your personal information overseas, we will take all reasonable steps to ensure that your information is only processed for authorised purposes and adequately protected using the appropriate technical, organisational, contractual or other lawful means. You consent to us disclosing your personal information to overseas recipients on this basis.

How we protect personal information

We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information. However, we cannot guarantee the security of any information that you transmit to us, or receive from us. The transmission and exchange of information is carried out at your own risk. Josef is SOC2 Type I and II certified.

Retention of personal information

How long we keep information we collect about you depends on the type of information and what it is used for. We retain personal information that you provide to us where we have an ongoing legitimate business need to do so (for example, as needed to comply with our legal obligations, resolve disputes and enforce our agreements).

We retain service data for the duration of your business relationship with us and for a period of time thereafter, to analyze the data for our own operations, and for historical and archiving purposes associated with our services. When we have no ongoing legitimate business need to process your personal information, we will securely delete or anonymise it or, if this is not possible, securely store your personal information until deletion is possible. You have certain rights regarding the deletion of your personal information as described below.

Sharing of personal information

To provide our products or services, we may need to disclose your personal information to third parties, including to:

– payment service providers;

– your employer if they are our client;

– where we are required by law to do so (e.g. to enforcement agencies, and government agency, regulatory bodies); and

– third parties such as our suppliers, subcontractors, professional advisors, courts of law, and our insurers who help us to deliver and support our products and services and related activities such as product usage analytics data storage and back-up, hosting our servers and website and providing IT services.

If this occurs, the third party’s privacy policy will apply to processing, storage, retention and protection your personal information.

We also enter into data processing agreements and model clauses with our vendors whenever feasible and appropriate.

Direct marketing

We do not sell or trade your personal information. However, we may from time to time send direct marketing communications to you about our activities, products and services and other content which we think you may find interesting. If you do not wish to receive such direct marketing, you may opt out of receiving this material at any time.


We may from time to time use cookies on the Josef website, and on our products and services. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website.

Our website may from time to time use cookies to analyse website traffic and help us provide a better website visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on this website or other websites you visit.

Data collected by us through cookies may include personal information, in which case, that personal information will be regulated by the applicable privacy laws and handled by us in accordance with this Privacy Policy.

Josef makes available a comprehensive Cookie Policy that describes the cookies and tracking technologies used on Josef’s website and provides information on how users can accept or reject them. To view the notice, please click Cookie Notice.

Sharing Information with Third Parties

A list of our third party sub processors can be provided on request.

Your rights

You have certain rights under law regarding your personal information, including:

– a right to request access, rectification, correction, update or deletion of your personal information;

– a right to object to processing of your personal information or withdraw your consent to our processing of your personal information at any time;

– a right to request information about the purpose of the processing, the categories of data concerned, how long the data will be stored and to restrict our processing of your personal information or request that we provide you with a copy of your personal information;

– a right to request information about who else outside Josef might have received the data from us;

– a right to know what the source of the information was, if you didn’t provide it directly to us;

– rights related to automated decision making including profiling;

– the right to lodge a complaint with a supervisory authority if you think our processing of your personal information infringes applicable laws.

If you wish to confirm that we are processing your personal data, to have access to the personal data we may have about you, or to exercise any of your other rights, you can contact Alternatively, if you are located in the EEA, you can also contact the European Data Protection Supervisor or your nation’s data protection authority.

Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Josef will provide you with a date when the information will be provided. If for some reason access is denied, Josef will provide an explanation as to why access has been denied.

Questions, Concerns or Complaints

We take your questions, concerns and complaints seriously. You can contact us at any time if you have any questions, concerns or complaints about our privacy practices, you can send details to We take these communications very seriously, and will respond to you as soon as possible.

If we cannot answer your questions or resolve your concern or complaint to your satisfaction you are entitled to lodge your complaint:

– for residents in Australia, with the Office of the Australian Information Commissioner at:; or

– for residents in the EEA and UK, with the relevant supervisory authority.

Josef Q

Experience Josef Q,
our AI tool, in action

Book a demo to see the transformative power of AI to create digital tools that unlock corporate content.

Josef Q

Book a
Josef Q Demo

Josef No-code

See Josef's no-code
automation platform

Book a demo to see our no-code workflow automation platform in action and learn how it transforms your day-to-day.

Josef no-code

Book a Josef
no-code Demo

Thanks for requesting
a demo!

We'll be in touch soon to arrange a time to speak.

Get legal
innovation news

Subscribe to our newsletter to get regular news and
updates from the exciting world of legal tech.

Thanks for subscribing!