We all know that our work emails aren’t private. Our employer can access them for a variety of reasons, including compliance issues, commercial litigation or employment disputes. In fact, we also know that even if we were to try to delete our work emails, they’re almost certainly stored on back-up servers that we can’t control. That’s why our company’s lawyers and compliance departments remind us to think twice before putting something in a work email that could come back to haunt us. But work-related communications sent from personal cellphones can be just as discoverable as official work emails. And the procedures for mining those emails is something many people are unaware of: when a tech company gets hired to collect those work-related communications, the first step will be to collect all data from you’re personal phone, whether or not it relates to your job or the substance of the investigation.

If you’re sure that you’ve never communicated about work through anything other than your work email—and that no one else within your company has done so either—feel free to stop reading. If not, hear us out, and consider forwarding this article to your in-house counsel and compliance team (via your work email, of course).