Privacy Policy
Last updated February 2025
Zero Data Retention
Uploaded contracts are processed entirely in-memory and permanently deleted after analysis. We never store your documents.
No Document Storage
Your uploaded contracts are never stored on our servers. All document processing occurs entirely in-memory within the analysis pipeline. Once the AI analysis is complete and the results are returned to you, the document data is immediately and permanently discarded. No contract text, metadata, or filename is written to any database.
Data We Collect
We collect only the minimum data required to provide the Service: your name, email address, and profile picture are received at sign-in and stored to identify your account. We record the jurisdiction, document language, and overall risk score for each analysis (never the document content) to improve service quality.
Data Security
All data in transit is encrypted using TLS 1.3. Our database (InsForge) enforces Row Level Security (RLS), meaning each user's data is cryptographically isolated from other users at the database layer. Access tokens are short-lived and stored only in HTTP-only cookies to prevent XSS attacks.
Third-Party Services
We use Google OAuth for authentication — Google's Privacy Policy applies to authentication data. All payment transactions are processed securely by our payment provider. We use InsForge for backend infrastructure. No other third parties have access to your data.
Your Rights
You have the right to request deletion of your account and all associated data at any time by contacting us. Since we do not store contract documents, there is no document data to delete. Account data (name, email, credit balance, analysis log) will be permanently purged within 30 days of a deletion request.
Cookies
We use only essential, functional cookies: an authentication session token (HTTP-only) and a language preference cookie. We do not use tracking cookies, advertising cookies, or any form of cross-site tracking.
Questions about your privacy?
Contact →