Counsel Vision Privacy Policy
Effective Date: May 15, 2026 Last Updated: June 23, 2026
Counsel Vision ("Counsel Vision," "we," "us," or "our") is a product of KTSS LLC, a Michigan limited liability company. We provide a software-as-a-service legal practice operating system for law firms. This Privacy Policy describes how we collect, use, disclose, and protect personal information.
This Privacy Policy applies to: - Visitors to our marketing website - Prospective customers who request information or sign up for a trial - Authorized Users of the Counsel Vision platform - Individuals whose personal information is contained in Customer Data uploaded to the platform by our customers
This Privacy Policy does not apply to law firm clients' information that law firms ("Customers") submit to the platform. With respect to such information, Counsel Vision acts as a service provider or processor; the law firm is the controller and is responsible for its own privacy practices regarding its clients.
1. Information We Collect
1.1 Information you provide to us
Account information. When you sign up for Counsel Vision or are added as an Authorized User by your firm, we collect: name, email address, phone number, professional role, firm affiliation, and authentication credentials. Your phone number is collected as an account contact record. Counsel Vision does not send SMS messages to Authorized Users. (For the firm's use of SMS to communicate with its own clients via the platform, see § 2.2.)
Prospect and lead information. When you request information about Counsel Vision, sign up for a demo, attend a webinar, or otherwise interact with our sales and marketing activities, we collect contact information you provide along with information about your firm and your interest in our services.
Billing information. For paid subscriptions, we collect billing contact information, billing address, and payment method details. Payment card numbers are processed by our payment processor and are not stored on Counsel Vision systems.
Support communications. When you contact us for support, we collect the information you provide in those communications, including any screenshots or files you share.
Customer Data. When you use the platform, you and your firm upload, enter, or generate Customer Data — including client matter information, documents, communications, calendars, time entries, trust accounting records, and related materials. Customer Data may contain personal information about third parties (your firm's clients, opposing parties, witnesses, vendors). Counsel Vision processes this data on behalf of the firm as a service provider; the firm is responsible for the legal basis for collecting it and for its own privacy practices.
1.2 Information collected automatically
Usage information. When you use the Services, we automatically collect information about how you interact with them: pages visited, features used, time spent, click patterns, and similar metrics. This is used to operate, secure, and improve the Services.
Device and connection information. We collect IP address, browser type, operating system, device type, and similar technical details.
Log data. We maintain server logs that include access timestamps, requested URLs, response codes, and similar information.
Cookies and similar technologies. We use essential cookies to operate the Services (e.g., maintaining your session), and analytics cookies to understand how the Services are used. We do not use advertising cookies or third-party tracking cookies for marketing purposes.
1.3 Information from third parties
If you sign in via single sign-on (SSO) or integrate third-party services (e.g., Egnyte, FolderIt), we receive information from those services as authorized by you.
2. How We Use Information
We use the information we collect to:
- Provide and operate the Services, including authentication, multi-tenant data isolation, document storage, AI-assisted features, scheduling, billing, and communications
- Secure the Services, including detecting and preventing fraud, abuse, and security incidents
- Communicate with you, including service announcements, security notifications, billing communications, sales follow-up (for prospective customers who have engaged with us), and responses to your inquiries
- Improve and develop the Services, including diagnosing performance issues, prioritizing features, and refining usability
- Comply with legal obligations, including responding to lawful requests from courts or government agencies
- Enforce our agreements, including investigating violations of our Subscription Agreement and Acceptable Use restrictions
2.1 What we will NOT do with your information
We will not:
- Sell personal information to third parties
- Rent or trade personal information for marketing purposes
- Share your mobile information (including phone numbers collected for or processed through the SMS feature) with third parties or affiliates for marketing or promotional purposes
- Use Customer Data to train any general-purpose or third-party artificial intelligence or machine learning models
- Use Customer Data for any purpose other than providing and supporting the Services, except as expressly permitted in writing by the Customer
AI-powered features within Counsel Vision operate on a per-firm, per-matter basis using firm-specific configurations. AI processing of Customer Data does not contribute to training of any external model.
2.2 SMS Communications
Counsel Vision provides Customer law firms with the ability to send text (SMS) messages to their own clients and other contacts as part of the Services (for example, case deadline reminders and other matter-related communications). The Customer firm is the originator of these messages; Counsel Vision operates the underlying SMS platform infrastructure.
Originator and content. The Customer firm composes and authorizes message content. Counsel Vision does not author SMS content. With respect to message content, Counsel Vision acts as a service provider/processor; the firm is the controller.
Sender of record (carrier registration). During the current phase of operation, all platform SMS messages are sent from a single 10-digit long code (10DLC) phone number owned by Counsel Vision (KTSS LLC) and registered with U.S. wireless carriers through The Campaign Registry under the Counsel Vision brand. In a future phase, each Customer firm will use its own 10DLC number registered to that firm's own brand. Recipients should consult the firm that initiated a message for questions about the firm's identity and purpose.
Consent. It is the Customer firm's responsibility, as the party with the direct relationship with the recipient, to obtain and document any consent required by applicable law — including the Telephone Consumer Protection Act ("TCPA"), state telemarketing and consumer protection laws, and applicable state bar professional responsibility rules — before initiating SMS communications. Consent is typically obtained by the firm through one or more of the following methods: verbal authorization documented at client intake, a signed written consent or engagement form, or an electronic opt-in captured by the firm. Counsel Vision provides in-platform facilities for firms to record the method, source, and timestamp of per-recipient consent, and the platform honors STOP keyword opt-outs globally across the platform regardless of which firm initiated the original message. Counsel Vision does not collect end-recipient consent on behalf of firms and does not verify the validity of consent recorded by firms in the platform.
Opt-out and help. Recipients may opt out at any time by replying STOP (or other industry-standard opt-out keywords such as UNSUBSCRIBE, CANCEL, QUIT, END, or STOPALL) to any SMS message sent through the platform. Recipients may request assistance at any time by replying HELP or INFO to any such message, which returns an automated reply identifying the sender and providing support contact information. Counsel Vision will:
- Process the opt-out automatically upon receipt of the keyword
- Apply the opt-out globally across the entire Counsel Vision SMS platform — once a phone number opts out, no further SMS will be sent to that number through the platform by any firm
- Maintain the opt-out indefinitely so a number that has opted out is not contacted again
The platform's current global opt-out scope reflects the shared 10DLC infrastructure described above. If a recipient is a client of multiple Customer firms and wishes to opt out from only one firm, they should also contact that firm directly to manage their preferences. When per-firm 10DLC numbers are introduced in a future phase, opt-out scope may evolve; recipients will be notified of any material change.
Recipients who have questions about why they received an SMS or who wish to communicate about an issue beyond opt-out should contact the originating law firm directly.
Content and storage. SMS message records — including originating firm and Authorized User, recipient phone number, timestamp, message content, and delivery status — are stored on Counsel Vision's infrastructure (AWS us-east-2) as Customer Data of the originating firm. SMS content may include matter-related information protected by attorney-client privilege; such content is encrypted at rest and in transit on the same basis as all other Customer Data (see § 5).
Recipients. SMS recipients are individuals with whom Customer law firms have an existing legal relationship (such as the firm's clients) or other contacts the firm communicates with in the course of legal work. Recipients are not parties to Counsel Vision's Subscription Agreement and are not Authorized Users of Counsel Vision. With respect to a recipient's personal information processed via the SMS platform, Counsel Vision acts as a service provider/processor for the originating firm; the firm is the controller and is responsible for its own privacy practices regarding its clients and contacts.
Mobile information. We will not share your mobile information with third parties or affiliates for marketing or promotional purposes. Phone numbers and other SMS-related data collected or processed through the platform are used solely to deliver the messages the originating firm authorizes and to operate, secure, support, and bill for the SMS feature. We do not sell, rent, or trade this information. The only parties with whom mobile information is shared are the service providers necessary to transmit messages and operate the platform (such as our SMS delivery subprocessor identified in § 3.1), which are contractually bound to use it only to provide those services and not for any marketing or promotional purpose. No mobile information is shared with any third party for that party's own marketing.
Frequency and rates. Message frequency varies based on the firm's use of the feature. Standard message and data rates from the recipient's wireless carrier may apply.
3. Disclosure of Information
We disclose information only as described below.
3.1 To service providers (subprocessors)
We share information with vendors who help us operate the Services. These vendors are contractually obligated to use the information only to provide services to us and to maintain appropriate security and confidentiality. Our current subprocessors include:
| Subprocessor | Service Provided | Data Categories | Location |
|---|---|---|---|
| Amazon Web Services | Cloud hosting, database, storage, email delivery (SES), SMS delivery (End User Messaging) | All Customer Data, account data, communications | United States (us-east-2) |
| OpenAI | AI-powered document analysis, drafting, and analysis features (per-firm API keys) | Customer Data submitted to AI features on a per-matter basis | United States |
| FolderIt | Document management integration (when enabled by Customer) | Documents Customer chooses to store with this provider | United States |
| Egnyte | Document management integration (when enabled by Customer) | Documents Customer chooses to store with this provider | United States |
| Stripe | Payment processing for subscription fees | Billing contact information, payment method | United States |
We maintain a current list of subprocessors and will notify Customers of material changes. Customers may request a current subprocessor list at any time.
Prospect and lead information is maintained on Counsel Vision's own infrastructure (AWS us-east-2). We do not use a third-party CRM or marketing automation platform.
3.2 To your firm and other Authorized Users
If you are an Authorized User, your information is accessible to your firm's administrators and, depending on permissions, other Authorized Users in your firm. Your firm is responsible for its own internal access policies.
3.3 To Counsel Vision personnel
Counsel Vision personnel have access to information appropriate to their roles, with least-privilege access enforced:
- Authorized technical and management personnel (currently the Lead Full-Stack Software Developer and the Managing Member) access Customer Data only as necessary to provide technical support or investigate incidents
- Sales personnel (W-2 employees) access prospect/lead information and aggregate usage metrics; they do not access Customer Data
- Administrative personnel (allocated from Erskine Law Group, an affiliated law firm) access billing, accounting, HR, and marketing information; they do not access Customer Data
- Founders and advisors, including legal counsel from Erskine Law Group (the affiliated law firm), access information only as necessary to provide governance, legal advice, or incident response support
All personnel are bound by confidentiality obligations, whether by employment agreement, professional ethics obligations (in the case of legal personnel), or service agreement.
3.4 In connection with legal process
We may disclose information when required by law, subpoena, court order, or other valid legal process. Where permitted, we will notify the affected Customer before disclosure so the Customer can seek a protective order or other relief. We will resist overbroad or unlawful requests.
3.5 In connection with business transactions
If KTSS LLC is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction. The acquiring party will be bound by terms no less protective than this Privacy Policy.
3.6 With your consent
We may disclose information for other purposes with your explicit consent.
4. Data Retention
Account data: Retained while your account is active and for a reasonable period thereafter for legal, accounting, and operational purposes.
Prospect / lead data: Retained while the contact remains potentially active or per applicable legal requirements. Prospects may opt out of marketing communications at any time.
Customer Data: Retained while the Subscription is active. Following termination, Customer Data is available for export for 30 days and is deleted from production systems within 90 days, subject to backup retention schedules and legal hold obligations, as set forth in Subscription Agreement § 4.5.
Backups: Encrypted backups may retain Customer Data for up to 35 days after deletion from production systems, after which they are purged on a rolling basis.
Logs: Server logs and audit logs are retained for security and compliance purposes for periods consistent with industry standards (typically 90 days to 7 years depending on log category).
Billing records: Retained for the period required by applicable tax and accounting laws (typically 7 years).
SMS message records: SMS records (sender, recipient phone number, timestamp, content, delivery status) are stored as Customer Data of the originating firm and retained for the duration of that firm's Subscription, subject to the same export and deletion windows as other Customer Data (§ 4 above and Subscription Agreement § 4.5). Opt-out records (phone numbers that have replied STOP or equivalent) are retained indefinitely as a global suppression list to ensure opted-out recipients are not contacted again through the platform.
5. Security
Counsel Vision maintains a written information security program that includes:
- Encryption in transit using TLS 1.2 or higher for all communications between users and the Services
- Encryption at rest using AES-256 for Customer Data stored in our databases, file storage, and backups
- Multi-factor authentication for administrative and privileged access
- Role-based access controls at the platform tenant level (firm isolation), within each firm (per-user permissions), and at the personnel level (least-privilege access scoped to job function — Customer Data access restricted to engineering personnel only)
- Network isolation with production systems in private subnets, no direct internet access to databases, and traffic filtered through hardened security groups and load balancers
- Logging and monitoring of access, configuration changes, and security-relevant events
- Vendor management requiring subprocessors to maintain appropriate security controls
- Personnel security including background checks for hires, confidentiality obligations, documented device policies, and security awareness training
- Regular vulnerability assessments and prompt patching of identified issues
- Incident response procedures including a 72-hour customer notification commitment for confirmed unauthorized access to Customer Data, with pre-established outside counsel relationships for legal coordination
No system can be guaranteed to be completely secure. We continuously work to improve our security posture and respond promptly to identified risks.
6. Your Rights
Depending on your jurisdiction, you may have certain rights regarding your personal information.
6.1 Rights of Authorized Users and prospects
If you are an Authorized User of Counsel Vision, you can typically access, update, or correct your profile information directly through the application. For other requests, contact us at the email address below or contact your firm's administrator.
If you have received an SMS from a Counsel Vision Customer law firm via our platform, you may opt out at any time by replying STOP to that message, or reply HELP or INFO for assistance. This will prevent further SMS from being sent to your number through the platform. Questions about why you received the message, or about the firm's use of your phone number, should be directed to the originating law firm — Counsel Vision will not act unilaterally on data submitted by a firm but will support the firm in fulfilling privacy requests it receives. See § 2.2 for details.
If you are a prospective customer, you may opt out of marketing communications at any time via the unsubscribe link in our emails or by contacting us directly.
6.2 Rights of individuals whose information appears in Customer Data
If your information appears in Customer Data because a law firm has uploaded it to Counsel Vision (for example, as a party in a legal matter), the law firm is the controller of that information. You should contact the law firm directly with requests regarding that information. Counsel Vision will support the law firm in fulfilling such requests but will not act unilaterally on Customer Data.
6.3 California residents
If you are a California resident, you have rights under the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), including:
- Right to know what personal information we collect, use, and disclose
- Right to delete personal information, subject to certain exceptions
- Right to correct inaccurate personal information
- Right to opt out of any sale or sharing of personal information (Counsel Vision does not sell or share personal information for cross-context behavioral advertising)
- Right to limit the use of sensitive personal information
- Right to non-discrimination for exercising these rights
To exercise your rights, contact us at the email below. We will verify your identity before fulfilling requests.
6.4 Other state laws
Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy laws have similar rights. We honor verified requests from all U.S. residents regardless of state of residence.
6.5 European residents
If you are in the European Economic Area, United Kingdom, or Switzerland, you may have rights under the General Data Protection Regulation ("GDPR") or equivalent laws, including the right to access, rectify, erase, restrict processing, object to processing, and data portability. Counsel Vision's primary market is the United States; we do not currently market to or actively serve European customers. Contact us if you have questions about your rights.
7. International Data Transfers
Counsel Vision's infrastructure is located in the United States. If you access the Services from outside the United States, your information will be transferred to, stored in, and processed in the United States. By using the Services, you consent to this transfer.
8. Children's Privacy
Counsel Vision is designed for use by licensed legal professionals and is not directed to children under 18. We do not knowingly collect personal information directly from children. If you believe we have collected personal information directly from a child, please contact us so we can delete it.
This statement applies to direct collection from children; Customer Data uploaded by law firms may contain information about minors (e.g., in family law or juvenile matters), which is governed by the law firm's relationship with its clients and applicable law.
9. Third-Party Services and Links
The Services may link to third-party websites or services we do not control. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will provide notice of material changes by email or in-app notice at least 30 days before changes take effect, except where shorter notice is required by law. The "Last Updated" date at the top of this Policy indicates when it was most recently revised.
This Privacy Policy is reviewed at least annually by Counsel Vision to confirm continued accuracy and compliance with applicable law. Audits of compliance with this Policy are conducted at least annually.
11. Contact Us
For questions about this Privacy Policy, to exercise your privacy rights, or to report a privacy concern:
Email: support@counselvision.com Mail: KTSS LLC, 612 W University Dr, Rochester, MI 48307 Privacy Contact: Ken Miller, Managing Member
We will respond to verified privacy requests within 45 days, or such shorter period as required by applicable law.
This Privacy Policy is governed by the laws of the State of Michigan, as set forth in the Counsel Vision Subscription Agreement § 11.