Privacy policy.
What Tate Esq collects, how we use it, who we share it with, and the rights you have over your personal information.
In plain English
We collect what we need to help you, and nothing we sell or share with advertisers.
- We collect your contact information, loan details, and financial data only as needed to evaluate or represent you.
- Payment information is processed by Stripe or Square — we never store full card numbers.
- We do not sell your personal information, share it for cross-context behavioral advertising, or pass it to affiliate lenders.
- We honor Global Privacy Control and give you the right to access, correct, or delete your data.
- GDPR, UK GDPR, CCPA/CPRA, and other state privacy rights are all covered below.
Who we are
Tate Esq, LLC — a Missouri student loan law firm led by Stanley Tate.
Tate Esq, LLC is a Missouri limited liability company operating a nationwide student loan law practice. Our principal attorney is Stanley Tate.
Mailing address: 222 S Meramec Ave, Suite 202-1096, St. Louis, MO 63105 Email: support@tateesq.com Website: tateesq.com
For the purposes of GDPR and UK GDPR, Tate Esq, LLC is the data controller of the personal data described in this policy.
Information we collect
What you give us directly, what we collect automatically, and what we receive from third parties.
We collect information in three ways: information you give us directly, information collected automatically when you use the Website, and information we receive from third parties.
Information you provide to us. You may give us personal information when you schedule or attend a consultation, submit a contact or intake form, retain us for legal services, subscribe to our newsletter, send us a message, interact with us on social media, or make a payment. This may include:
- Identifiers: name, email address, postal address, phone number, date of birth, government-issued ID information (when retained as a client)
- Financial information: household income, tax filing status, employment history, loan balances, servicer details, account statements, credit information (provided in connection with legal representation)
- Sensitive information (when you choose to share it): Social Security Number, financial account numbers, health-related information disclosed in support of an undue hardship analysis, marital status, dependents, and other information relevant to your legal matter
- Payment information: processed by our third-party payment processors; we do not store full card numbers on our servers
- Communications: the content of messages, emails, voicemails, call transcripts, and consultation recordings (with notice and where lawful)
We collect sensitive personal information only as necessary to evaluate, advise on, or represent you in a legal matter. We do not sell or share sensitive personal information for cross-context behavioral advertising.
Information we collect automatically. When you visit the Website, certain information is collected automatically through cookies, server logs, and similar technologies:
- Device and browser information: IP address, browser type and version, operating system, device identifiers, language preferences, time zone
- Usage information: pages viewed, links clicked, time spent on pages, referring URL, exit pages, scroll depth, search queries entered on the site
- Approximate location: derived from IP address (city/region level)
- Cookies and similar technologies: see our Cookie Policy for details
Information from third parties. We may receive information about you from service providers that help us operate the Website; loan servicers, the U.S. Department of Education, credit bureaus, and similar sources when you authorize us in writing; co-counsel, opposing counsel, courts, and government agencies in connection with active legal matters; public sources such as court records and the Federal Student Aid website (with your authorization); and social media platforms if you interact with us through those platforms.
How we use your information
To respond, represent, communicate, improve, and comply. Not for ads or AI training.
We use the information we collect to:
- Respond to inquiries, schedule and conduct consultations, and evaluate potential representation
- Provide legal services to clients we have agreed to represent
- Authenticate clients and authorized stakeholders in connection with active matters
- Process payments for consultations, flat-fee services, and other legal work
- Send transactional communications (appointment confirmations, document signing requests, status updates, invoices)
- Send newsletters, educational content, and marketing communications you have asked to receive — and let you opt out at any time
- Operate, secure, troubleshoot, and improve the Website
- Conduct analytics to understand which content readers find useful
- Comply with legal, regulatory, and ethical obligations, including state bar rules
- Detect, prevent, and respond to fraud, security incidents, and unlawful activity
- Establish, exercise, or defend legal claims
We do not use personal information to train or develop generative AI models offered to the public.
Legal bases for processing
Consent, contract, legal obligation, and legitimate interests — for EEA, UK, and Swiss visitors.
If you are in the European Economic Area, United Kingdom, or Switzerland, we process your personal data on one or more of the following legal bases:
- Consent — for newsletter signups, optional cookies, and other situations where you affirmatively opt in. You can withdraw consent at any time.
- Performance of a contract — to provide legal services after you retain us, including processing payments.
- Legal obligation — to comply with court orders, regulatory requirements, professional responsibility rules, and tax and recordkeeping laws.
- Legitimate interests — to operate, secure, and improve the Website; to communicate with prospective clients who contact us; to defend the Firm against legal claims; and to maintain client and matter records. We balance these interests against your rights and freedoms.
- Vital interests or public interest — in rare circumstances where processing is necessary to protect a person’s life or to act in the public interest.
Data retention
We keep personal information only for as long as necessary for the purposes described in this policy:
- Prospective clients who contact us but do not retain us — typically retained for up to seven years from last contact, then deleted or de-identified.
- Clients — client files are retained in accordance with our engagement agreement and applicable state bar recordkeeping rules, generally for at least seven years after the matter closes.
- Newsletter subscribers — until you unsubscribe, plus a brief suppression record so we honor your opt-out.
- Website analytics — generally up to 26 months in identifiable form, then aggregated or deleted.
- Payment records — for the period required by tax and accounting law.
- Information subject to a legal hold — retained until the hold is released.
When personal information is no longer needed, we delete it, anonymize it, or — where deletion is not feasible (for example, in encrypted backups) — securely store it and isolate it from further processing until deletion is possible.
Data security
We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, and destruction. These include encryption in transit, access controls, multi-factor authentication for staff, vendor due diligence, and ongoing security training.
No system is perfectly secure, and we cannot guarantee absolute security. If you believe your information has been compromised, contact us immediately at support@tateesq.com.
When you communicate with us, please avoid sending highly sensitive information (such as Social Security Numbers or financial account numbers) by unencrypted email. We can provide secure alternatives, including our document upload portal.
International data transfers
We are based in the United States, and our service providers are located primarily in the United States. If you access the Website or send us information from outside the U.S. — including the EEA, UK, or Switzerland — your information will be transferred to, stored in, and processed in the United States.
When we transfer personal data of EEA, UK, or Swiss residents to the United States, we rely on appropriate safeguards as required by GDPR and UK GDPR, which may include the European Commission’s Standard Contractual Clauses, the UK Addendum, and supplementary measures where appropriate. You can request a copy of these safeguards by contacting us.
Your privacy rights
Access, correct, delete, port, and opt out — regardless of where you live.
Rights available to all users. Regardless of where you live, you may ask what personal information we hold about you, ask us to correct inaccurate information, ask us to delete information we no longer need, unsubscribe from marketing emails using the link in any message, opt out of optional cookies through our cookie banner or your browser settings, and contact us with privacy questions at support@tateesq.com.
We may retain certain information when required by law, professional responsibility rules, or to defend legal claims, even if you ask us to delete it.
U.S. state privacy rights. If you are a resident of California, Colorado, Connecticut, Delaware, Iowa, Indiana, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, Virginia, or another state with a comprehensive consumer privacy law, you have the right to know/access, correct, delete, port, and opt out of the sale or sharing of personal information. We do not engage in these activities, but the right is preserved. To exercise a right, email support@tateesq.com with the subject line “Privacy Rights Request” and the state you reside in. We will verify your identity before responding, typically within 45 days.
California-specific disclosures (CCPA/CPRA). In the past 12 months, we have collected identifiers, customer records, protected classification characteristics, commercial information, internet activity, geolocation data, audio and visual information, professional information, inferences, and sensitive personal information — all as defined under the CCPA. We obtained this information from the sources in Section 2 and used it for the purposes in Section 3. We have not sold or shared personal information for cross-context behavioral advertising in the past 12 months and have no plans to do so.
GDPR and UK GDPR rights. If you are in the EEA, UK, or Switzerland, you also have the right to access, rectification, erasure, restriction, portability, objection to processing based on legitimate interests, withdrawal of consent, and to lodge a complaint with your supervisory authority.
To exercise any of these rights, email support@tateesq.com.
Children's privacy
The Website is not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, contact us at support@tateesq.com and we will take appropriate steps to delete it.
Third-party links
The Website contains links to third-party websites and services (including social media, video platforms, and government websites). We are not responsible for the privacy practices or content of those third parties. Their use of your information is governed by their own privacy policies, which we encourage you to review.
Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last Updated” date at the top. If the changes are material, we will provide additional notice — for example, by email to subscribers or a notice on the Website — before the changes take effect. Your continued use of the Website after the changes take effect constitutes acceptance of the updated policy.
Contact us
If you have questions about this Privacy Policy or our privacy practices, or if you would like to exercise your privacy rights, contact us at:
Tate Esq, LLC Attn: Privacy Contact 222 S Meramec Ave, Suite 202-1096 St. Louis, MO 63105 Email: support@tateesq.com
This Privacy Policy describes our practices and is provided for transparency. It is not a contract and does not modify the terms of any engagement agreement. If you are a current client, your engagement agreement governs the attorney-client relationship.
Changelog
- v2.0 · Comprehensive rewrite. Added GDPR/UK GDPR legal bases, CCPA/CPRA disclosures, state privacy rights, international transfer safeguards, and detailed retention schedule.
- v1.0 · Initial publication.