Privacy Policy
Effective Date: July 1, 2026 · Contact: michael@thistleltd.com
This Website Privacy Policy explains how Thistle Software LLC (“Thistle,” “we,” “us,” or “our”) collects, uses, and shares information when you visit our public website, submit a public website form, request access, request a demo, or otherwise contact us through the public website.
This policy applies only to the public Thistle website and related marketing, inquiry, demo, and access-request activity. It applies to U.S. visitors only.
This policy does not govern data entered into or processed inside the Thistle application by a law firm, its staff, its clients, or its invited users. Product data is governed by the applicable customer agreement, security commitments, and product controls.
1. What This Policy Covers
This policy covers information collected through Thistle’s public marketing website, including:
- website visits;
- contact forms;
- demo requests;
- access requests;
- beta or early-access inquiries;
- marketing communications; and
- direct communications sent to Thistle in response to website materials.
This policy does not cover Customer Data processed inside the Thistle application under a firm’s account.
2. Public Website Forms Are Not for Client or Matter Information
Thistle’s public website forms are intended for business inquiries, demo requests, access requests, and general communications with Thistle.
Do not submit confidential client communications, case facts, legal strategy, privileged material, Social Security numbers, driver’s license numbers, financial account numbers, medical information, or other sensitive matter-specific information through the public website.
This limitation applies only to the public website and public website forms. It does not mean that the Thistle application is unsuitable for sensitive legal information. Thistle is a legal case management product designed to store and process law firm information, including client and matter information, under the applicable customer agreement, security commitments, and product controls.
If you are a client of a law firm that uses Thistle, do not submit case or matter information through Thistle unless your law firm has invited you to do so through its authorized Thistle account or client portal.
3. Product Data and Customer Data
Law firms that use Thistle control the data entered into their Thistle accounts. That data may include client information, matter information, documents, notes, messages, calendar information, task information, billing information, and other information used to manage legal work.
That product data is not governed by this Website Privacy Policy. It is governed by the applicable Master Subscription Agreement, any applicable data processing terms, the Security Overview, and the firm’s own obligations to its clients.
If you are a client, employee, contractor, or other person whose information appears inside a law firm’s Thistle account, contact the law firm directly for questions about access, correction, deletion, or use of that information. Thistle generally acts at the direction of the law firm customer for product data.
4. Information We Collect Through the Public Website
We may collect information you provide directly, including:
- name;
- email address;
- phone number, if provided;
- firm name;
- firm size;
- role or job title;
- practice areas or firm-related details you choose to provide;
- access-request, demo-request, or inquiry details; and
- the contents of messages you send to us.
We may also collect limited technical information automatically when you visit the public website, including:
- pages viewed;
- approximate location;
- device type;
- browser type;
- operating system;
- referral source;
- interactions with the website; and
- identifiers stored in cookies or similar technologies.
5. Google Analytics and Cookies
We use Google Analytics on the public marketing website to understand website traffic, usage, and performance.
Google Analytics is not used inside the Thistle application.
Google Analytics may use cookies and similar technologies to collect information about website activity. You can control cookies through your browser settings. If you block or delete cookies, some analytics collection may be limited.
6. How We Use Website Information
We use information collected through the public website to:
- respond to inquiries;
- communicate with you;
- evaluate access requests;
- schedule demos;
- understand interest in Thistle;
- operate, maintain, and improve the public website;
- measure website traffic and performance;
- protect against spam, fraud, abuse, and security issues;
- maintain business records; and
- comply with legal obligations.
7. How We Share Website Information
We do not sell personal information submitted through the public website.
We may share website information:
- with service providers that help us operate the website, manage communications, provide analytics, host infrastructure, or maintain business systems;
- with Google Analytics as part of our public website analytics;
- with professional advisors, including legal, accounting, security, or technical advisors;
- when required by law, subpoena, court order, or other valid legal process;
- when reasonably necessary to protect rights, safety, security, users, customers, or the integrity of Thistle; or
- in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar business transaction.
We do not use Customer Data, client information, or matter information from the Thistle application for public website advertising or cross-context behavioral advertising.
8. Service Providers
We may use third-party service providers to support the public website and related business operations. These providers may help with website hosting, analytics, communications, security, business administration, payment processing, and similar operational functions.
Service providers may access personal information only as reasonably necessary to provide services to Thistle, comply with legal obligations, protect systems, or perform authorized business functions.
If payment functionality is used, payment information may be processed by a dedicated third-party payment processor. Thistle does not store full payment card numbers directly.
We do not permit service providers to use personal information collected through the public website for their own independent marketing purposes.
9. Marketing Communications
If we send marketing emails, you may opt out by using the unsubscribe link if one is provided or by emailing michael@thistleltd.com.
Even if you opt out of marketing messages, we may still send non-marketing communications, such as responses to inquiries, access-request communications, service-related notices, legal notices, or security-related communications.
10. Data Retention
We retain website inquiry, demo-request, access-request, and communication information for as long as reasonably necessary to:
- respond to you;
- evaluate requests;
- maintain business records;
- manage prospective customer relationships;
- comply with legal obligations;
- resolve disputes; and
- enforce agreements.
We may delete or anonymize website information when it is no longer reasonably needed.
11. Your Choices and Requests
You may email michael@thistleltd.com to request access to, correction of, or deletion of personal information you submitted through the public website.
We may need to verify your request before responding.
Requests about data inside a law firm’s Thistle account should generally be directed to the law firm. Thistle may not be able to act directly on product-data requests unless instructed or authorized by the law firm customer or required by law.
You can manage cookies through your browser settings.
12. Security
We use reasonable administrative and technical measures designed to protect information collected through the public website.
No method of transmission or storage is completely secure.
The Thistle application has separate product security controls described in Thistle’s Security Overview. Those product controls are not replaced by this Website Privacy Policy.
13. Legal Process
We may disclose information if required to do so by law, subpoena, court order, or other valid legal process.
For product data inside a law firm’s Thistle account, Thistle will respond to valid legal process as required by law and, where legally permitted, will provide notice to the law firm customer.
14. Children and Minors
The public website is not intended for children under 13, and we do not knowingly collect personal information from children under 13 through the public website.
The Thistle application may process information about minors when entered by a law firm for legal representation, case management, or related legal work. That product data is controlled by the law firm customer and is not governed by this Website Privacy Policy.
15. U.S. Use Only
Thistle is currently intended for use by U.S. firms and U.S. users.
If Thistle later expands availability outside the United States, this policy may be updated to address additional privacy and data protection requirements.
16. Changes to This Policy
We may update this Website Privacy Policy from time to time.
When we update it, we will post the revised version on the public website and update the effective date.
17. Contact
For privacy questions or requests, contact:
Thistle Software LLC
Email: michael@thistleltd.com