How We Protect Your Data
Facing a criminal accusation is one of the most private problems a person can have. This page explains, in plain English, the specific technical protections running on landllawgroup.com — encrypted connections enforced by a preloaded two-year HSTS policy, a strict content-security policy, a commercial web application firewall, and locked-down browser permissions — and what those protections mean for you. Every item below was verified against the live site on June 10, 2026.
By Reggie London, Co-Founding Partner · State Bar of Texas #24043514 · Last reviewed June 10, 2026
Why a defense firm publishes a security page
People researching a charge — their own or a family member’s — often browse in difficult circumstances: on a shared family computer, on a work network, late at night after an arrest. You should be able to read about Texas criminal law and reach a lawyer without wondering who else can see it. We treat website security as part of client service, and we would rather show our work than ask you to take it on faith.
The protections, verified
Each protection below is a live response header or network control you (or anyone technical you trust) can check from any computer — no account needed. They were each re-verified against the production site the day this page shipped.
| Protection | Technical control | What it means for you |
|---|---|---|
| Encrypted connections, enforced | Strict-Transport-Security (HSTS), two-year policy with preload | Your browser is told — and major browsers ship with a preloaded instruction — to only ever reach this site over an encrypted TLS connection. Unencrypted requests are upgraded automatically. |
| Strict script allowlist | Content-Security-Policy | Only code from a short list of named, vetted providers is allowed to run on our pages. Injected or unauthorized scripts are blocked by the browser itself. |
| Web application firewall | Sucuri WAF (network edge) | Traffic passes through a commercial firewall that filters known attack patterns before it ever reaches the web server. |
| Device permissions locked off | Permissions-Policy | Our pages tell your browser they will never request your camera, microphone, precise location, or motion sensors — so no script that sneaks in can either. |
| Clickjacking protection | X-Frame-Options: SAMEORIGIN | Other websites cannot embed our pages inside invisible frames to trick clicks. |
| Content-type enforcement | X-Content-Type-Options: nosniff | Browsers are barred from re-interpreting files as a different type — a common exploit path. |
| Referrer privacy | Referrer-Policy: strict-origin-when-cross-origin | When you leave our site for another, the destination learns at most that you came from landllawgroup.com — never which page you read. |
| Cross-origin isolation | COOP / COEP / CORP | Our pages are isolated from other browser tabs and from cross-site data leaks at the process level. |
How to check: open your browser’s developer tools, load any page on this site, and read the response headers — or use a public header-checking tool. The values above appear on every page.
How the contact forms handle your information
- Form submissions travel over an encrypted connection and are delivered through a vetted form processor to our intake inbox — they are not stored in this website’s code or database.
- An invisible honeypot field filters automated spam without making you solve puzzles.
- No API keys, credentials, or account secrets live in the pages your browser downloads. Where our pages display live data (such as our Google review rating), the lookup happens on the server side.
- Non-essential analytics scripts wait for your cookie-consent choice before loading.
What we ask you NOT to send through the website
Until the firm has run a conflict check and you have engaged us, website messages are handled confidentially as a matter of office practice, but they are not yet protected by the attorney-client privilege. Use the form for your name, contact information, the county, and the general nature of the matter. Save specifics — what happened, what you told police, dates and names — for a phone consultation at (972) 370-5060. That call is free, and it is the right place for details.
Honest limits
No website can promise perfect security, and we will not pretend otherwise. What we can do is run current, verifiable protections, keep them patched, publish a standard security contact at /.well-known/security.txt, and fix reported issues fast. That is the commitment this page documents.
Questions about data security
Is what I type into the contact form confidential?
Form submissions travel over an encrypted connection and are delivered to our intake inbox through a vetted processor. That said, contacting us through the website does not by itself create an attorney-client relationship, so we recommend keeping form messages brief — your name, contact information, and the county and general type of charge. Save the details for a confidential phone consultation at (972) 370-5060.
Do you sell or share visitor data?
No. We do not sell visitor data. The site runs a small set of analytics and advertising measurement tools, and non-essential scripts wait for your choice on the cookie-consent banner. You can decline and the site works normally.
Why does the site ask about cookies?
Texas privacy law and our own policy require consent before non-essential cookies load. The banner lets you accept or decline; essential functions like the contact form work either way.
How do I report a security concern about this website?
We publish a security contact file at /.well-known/security.txt, the internet-standard location security researchers check. You can also email info@landllawgroup.com with the subject line "Website security." Reports are reviewed promptly.
Questions this page didn’t answer? Call (972) 370-5060 or email info@landllawgroup.com.