Effective Date: October 2025
Roadmap Law PLLC (“Roadmap Law”) and Roadmap Ventures LLC (“Roadmap Ventures,” and together with Roadmap Law, “Roadmap,” “we,” “us,” or “our”) respect your privacy and are committed to protecting your personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), and other U.S. federal and state privacy laws.
This Privacy Policy explains how Roadmap collects, uses, discloses, and safeguards your information when you access the Roadmap platform, subscribe to Roadmap Advisory, Roadmap Counsel, or Roadmap Unlimited, or otherwise interact with our consulting and legal services. By using the platform or services, you consent to the practices described in this Privacy Policy.
“Personal Data” means any information relating to an identified or identifiable individual, including name, contact information, payment data, account identifiers, and user-submitted content tied to an account. Unless otherwise defined, capitalized terms used in this Privacy Policy have the meanings assigned to them in the Roadmap Terms of Service.
Scope of this Policy
This Privacy Policy applies to all users of the Roadmap platform. It covers both Consulting Clients (individuals and businesses worldwide who subscribe to services from Roadmap Ventures under Roadmap Advisory) and Legal Clients (individuals and businesses located in the United States who subscribe to services from Roadmap Law under Roadmap Counsel or Roadmap Unlimited, subject to jurisdictional restrictions based on attorney licensure).
The platform is operated by Roadmap Ventures but used by both entities. Legal clients receive additional protections under attorney-client privilege and professional responsibility rules. California residents receive additional protections outlined in the California Privacy Rights section.
Plan-Specific Data Practices
- Roadmap Advisory
- Roadmap Counsel
- Roadmap Unlimited
Data shared for consulting is treated as confidential and secured under this Privacy Policy. However, it is not subject to attorney-client privilege. Advisory data may be used for service improvement and analytics, but never sold to third parties.
Data submitted in connection with legal services is protected under attorney-client privilege and professional responsibility rules once representation is established. Privileged legal data is never shared outside of Roadmap Law, never used for marketing or analytics, and only processed using systems compliant with legal ethics requirements.
Data is handled under the same protections as Roadmap Counsel, with the distinction that unlimited service requests may involve more frequent communication and document exchanges. Privileged protections apply fully, and the same segregation from Roadmap Ventures is maintained.
This plan-based approach ensures that each subscription type is handled according to the appropriate legal and ethical framework.
Category | Roadmap Advisory (Consulting – Roadmap Ventures) | Roadmap Counsel (Legal – Roadmap Law) | Roadmap Unlimited (Legal Add-On – Roadmap Law) |
Entity Responsible | Roadmap Ventures LLC | Roadmap Law PLLC | Roadmap Law PLLC |
Attorney-Client Privilege | Not applicable | Applies once engagement is approved | Applies fully |
Confidentiality | Yes, under Terms of Service | Yes, under bar rules + privilege | Yes, under bar rules + privilege |
Use of Data for Analytics / Product Improvement | May be used (anonymized/aggregated only) | Never privileged data | Never privileged data |
AI / Tech Tools Use | May be used with safeguards | Only attorney-reviewed outputs; never share privileged info with unvetted systems | Same as Counsel |
Cross-Border Transfers (EEA/UK Clients) | Permitted under SCCs | Limited to U.S. representation only | Limited to U.S. representation only |
Retention Period | Until account closed or deletion requested | 5–7 years post-representation (per bar rules) | 5–7 years post-representation (per bar rules) |
California Privacy Rights (CCPA/CPRA) | Applies | Applies (in addition to bar rules) | Applies (in addition to bar rules) |
Data Access Within Roadmap | Roadmap Ventures staff + vendors (platform operation) | Roadmap Law attorneys and staff only | Roadmap Law attorneys and staff only |
Permitted Data Sharing | With vendors (e.g., Stripe, Google Workspace, Slack, Notion) | With vendors only where bar rules allow; privileged data never shared | Same as Counsel |
Primary Protections | Privacy Policy, contracts, U.S./EU privacy law | Attorney-client privilege, professional responsibility rules, malpractice rules | Same as Counsel |
Data We Collect
We collect information you provide directly to us, including:
- Name, email, phone number, and company details
- Billing and payment data (processed through secure third-party providers)
- Information submitted for consulting or legal services
- Account credentials and subscription history
For legal clients, we may also collect case-related details and documents, which are treated as privileged once an attorney-client relationship is established.
We also collect data automatically through the platform, including IP address, browser type, device identifiers, usage logs, and analytics data via cookies and similar technologies.
We do not intentionally collect sensitive categories of data (e.g., health or religious information), unless you provide them for a legal matter, in which case they are handled under attorney-client confidentiality. Consulting clients in the European Economic Area (EEA) agree not to transmit GDPR “special category data.”
How We Use Your Data
We use Personal Data to:
- Operate the platform and manage subscriptions
- Provide consulting or legal services
- Process payments and invoices
- Deliver updates, communications, and client support
- Ensure compliance with professional and regulatory obligations
- Protect the security and integrity of our systems
For consulting clients in the EEA, we rely on contract performance, legitimate interests, and consent (where required) as legal bases. Legal client data is processed solely to deliver legal services and comply with attorney obligations.
If you are located in the EEA, UK, or Switzerland as a consulting client, we may transfer your Personal Data to the United States or other jurisdictions. Where transfers occur, we rely on safeguards such as Standard Contractual Clauses.
Privileged vs. Non-Privileged Data
This Privacy Policy does not limit or waive attorney-client privilege. Information shared with Roadmap Law in the course of representation is privileged to the extent permitted by law.
Privileged communications are never used for marketing, analytics, or AI product development. They are not processed through external vendors unless necessary for representation, vetted for compliance, and subject to binding confidentiality agreements.
By contrast, data provided to Roadmap Ventures for consulting services or general platform usage is treated as confidential but is not privileged.
Data Sharing and Disclosure
We share data with service providers that support hosting, billing, communication, and analytics, including providers such as Google Workspace, Notion, Stripe, and Slack. Vendors are contractually bound to follow strict privacy and security requirements.
We may disclose information when required by law, in response to valid legal requests, or as necessary to protect our rights. Privileged legal data is only disclosed in compliance with attorney ethics obligations.
If Roadmap is involved in a merger, acquisition, or corporate restructuring, your data may be transferred to a successor entity under the protections of this Privacy Policy.
Data Security
We use administrative, technical, and physical safeguards to protect your information, including encryption, access controls, and monitoring. Privileged legal data is stored under enhanced confidentiality protocols.
More information about our security practices is available at www.useroadmap.co/security.
Data Retention
- Consulting client data is retained until your account is closed or deletion is requested.
- Legal client data is retained according to bar rules, typically five to seven years after representation ends.
- Aggregated or anonymized data may be retained for analytics and compliance purposes.
Cookies and Tracking
We use cookies and similar technologies to improve platform performance, monitor usage, and support security. You may disable cookies in your browser, though some platform features may not function properly.
Changes to this Privacy Policy
We may update this Privacy Policy periodically. Material changes will be posted with a new effective date. Continued use of the platform or services after updates constitutes acceptance.
Contact Us
For privacy-related inquiries or to exercise data rights under GDPR, CCPA/CPRA, or other laws, contact us at privacy@useroadmap.co.
California Privacy Rights
California residents have rights under the CCPA/CPRA, including:
- Right to know categories of data we collect
- Right to request access, correction, or deletion
- Right to opt out of the sale or sharing of data (note: we do not sell personal information)
- Right to limit the use of sensitive data
You may exercise these rights by contacting privacy@useroadmap.co. We will not discriminate against you for exercising these rights.
Relationship Between Roadmap Law PLLC and Roadmap Ventures LLC
Roadmap Ventures LLC and Roadmap Law PLLC are affiliated entities that operate independently to provide distinct services: Roadmap Ventures offers non-legal business consulting solutions, while Roadmap Law provides legal services exclusively through licensed attorneys. Although clients may engage one or both entities, each operates under separate professional and regulatory obligations. Client data is segregated accordingly, and Roadmap maintains strict internal protocols to ensure that information shared with Roadmap Ventures is not used by Roadmap Law (and vice versa) without proper authorization.