Legal

Privacy Policy

Last updated: June 1, 2026

This Privacy Policy explains what personal information shidaev.com collects, how it is used, and what rights you have. It is drafted to reflect the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA, as in effect on January 1, 2026), the European Union General Data Protection Regulation (GDPR), and the Children's Online Privacy Protection Act (COPPA).

Data controller

The data controller is Law Offices of Jacob Shidaev, 15233 Ventura Blvd, Suite 1004, Sherman Oaks, CA 91403.

Direct all data processing inquiries to Jacob Shidaev at info@shidaev.com.

Categories of personal information we collect

Using the categories defined in California Civil Code § 1798.140(v):

  • Identifiers: name, email, phone, mailing address, IP address
  • Commercial information: the fact of your inquiry, its date and channel, a brief description of your situation
  • Internet or network activity: pages visited, referring source, browser and device type, timestamps
  • General geolocation: country or region inferred from IP. We do not collect precise GPS coordinates
  • Professional or employment-related information: only if you mention it in your inquiry

Sensitive Personal Information. Immigration matters by their nature involve sensitive data: immigration status, government identifiers (passport number, A-number), national origin, and sometimes religious belief or health information. We collect such data only after you voluntarily provide it in connection with possible representation, and we process it solely to assess and handle your matter. You have the right to limit the use of sensitive personal information to those purposes.

Sources of information

Using the CCPA source categories:

  • Directly from you — site contact forms, email correspondence, phone calls
  • Automatically from your device — technical logs when you visit the site
  • From referring parties — other attorneys, friends, or family who refer you to the firm, based on what they tell us

Purposes of processing

  • to respond to your inquiry and discuss possible representation
  • to run a conflict-of-interest check before any consultation
  • to evaluate and handle your matter if the firm undertakes representation
  • to operate and secure the site
  • to comply with attorney obligations under the California Rules of Professional Conduct and other applicable rules

Sensitive Personal Information is processed only for the purposes listed above. We do not use it for advertising, profiling, or commercial disclosure to third parties.

Automated decision-making

The firm does not use automated decision-making technology (ADMT) or profiling to evaluate your matter or respond to your inquiry. All decisions are made personally by the attorney.

Legal bases (EU/EEA residents)

Under GDPR we process your data on the following bases: your consent (Art. 6(1)(a)); steps taken at your request prior to entering into a contract, or performance of a contract (Art. 6(1)(b)); the firm's legitimate interest in operating the site and preventing abuse (Art. 6(1)(f)); compliance with legal obligations (Art. 6(1)(c)). Special categories of data are processed under Art. 9(2)(a) — your explicit consent.

Categories of recipients

We do not sell or share your personal information for commercial purposes as those terms are defined under CCPA/CPRA. We may grant access to:

  • technical service providers (hosting, email) — only as necessary, under data processing agreements
  • government authorities — when required by valid legal process
  • co-counsel or other attorneys retained to assist on your matter — only with your consent

Retention

Retention periods by category:

  • Inquiries that do not result in representation — up to 24 months
  • Client files — for the duration of the matter and for no less than 5 years after closure, as required by California Rule of Professional Conduct 1.16(e)(1)
  • Financial and trust account records — at least 5 years (California Rule of Professional Conduct 1.15(e)(7))
  • Technical logs — no longer than 12 months

Your rights

California residents (CCPA/CPRA). The right to know what personal information has been collected and how it is used; the right to delete; the right to correct inaccurate information; the right to limit use and disclosure of Sensitive Personal Information to the purposes listed above; the right to opt out of sale or sharing (we do not sell or share); the right to opt out of automated decision-making (we do not use it); the right to non-discrimination for exercising any of these rights.

EU/EEA residents (GDPR). The right of access, rectification, erasure, restriction of processing, and data portability; the right to object to processing based on legitimate interest; the right to withdraw consent at any time; the right to lodge a complaint with your supervisory authority. We do not engage in direct marketing.

To exercise a right, contact us at info@shidaev.com. We respond within 45 days (CCPA) or 30 days (GDPR). We verify the identity of the requester to a reasonable degree, for the protection of your own data.

Notice at Collection

A short link to this Policy is included on each contact form. Submitting a form provides notice of the categories collected and the purposes of processing at or before the point of collection.

Children under 13 (COPPA)

The site is not directed at children under 13 and does not knowingly collect their information. If you believe a child's data has reached us, contact us and we will delete it.

International transfers

The site is hosted by Vercel Inc. in the United States. Personal data is transferred from the EU to the US under the EU–U.S. Data Privacy Framework (DPF), recognized by the European Commission's adequacy decision of July 10, 2023, where the recipient is DPF-certified, and otherwise under the European Commission's Standard Contractual Clauses as a fallback.

Cookies

The site uses only functional cookies that are strictly necessary for basic operation (such as remembering language preference). No third-party advertising or tracking cookies are installed. Consent for strictly necessary cookies is not required under GDPR/ePrivacy.

Security

The site operates over HTTPS. Administrative access is restricted and protected with two-factor authentication. We apply reasonable technical and organizational measures; no system can be guaranteed fully secure.

Changes to this Policy

We may update this Policy. The date at the top reflects the most recent revision. Material changes will be noted on the site.

Contact

Direct privacy questions to info@shidaev.com or by mail to Law Offices of Jacob Shidaev, 15233 Ventura Blvd, Suite 1004, Sherman Oaks, CA 91403.