This Policy explains what information JusticeX collects, how we use and protect it, and the choices you have. It should be read together with the Terms of Service and the Disclaimer.
Last updated: July 6, 2026. By using JusticeX (the "Service"), you agree to the practices described here.
Account & contact information — name, email, phone, role, organization, and similar details you provide to create an account, be invited to a matter, or communicate with other participants. Matter content — the documents, figures, and information you and other participants submit for analysis ("Your Content"). Usage & technical data — log and device data generated as you use the Service. We do not currently use analytics or advertising cookies; if we add analytics later, we will update this Policy to describe it. Connector data — information from third-party tools you choose to connect (e.g., document storage, e-signature, court-data, or financial providers), used only as you direct.
We use information to provide and operate the Service — including producing the objective, symmetric comparison; routing communications, hand-offs, and notifications among participants; authenticating users; maintaining security and an audit trail; providing support; and complying with legal obligations. We do not sell personal information. Any product or model improvement is performed only on de-identified or synthetic data — never on real personal information or sensitive matter content. Improvement that uses derivatives of your matter content is opt-in (see §2a). We also improve the Service using data that does not come from customer matters — in-house synthetic test data and aggregate de-identified operational, quality, and error telemetry — which never uses your content.
Contributing your matter to improve the Service is optional and off by default. We use either de-identified quality signals or synthetic derivatives of your matter only if you affirmatively opt in. For a shared two-party matter, all parties must opt in; if any party has not opted in — or later withdraws — that matter contributes nothing. You may withdraw at any time: withdrawal stops any new use and removes your synthetic derivatives from the active corpus, though improvements already incorporated into the Service cannot be reversed. We do not pay you or give fee credits for contributing — it is voluntary, is not a sale of your information, and we commit not to re-identify de-identified data. Declining does not change the features, pricing, or service level you receive. Even with opt-in, only synthetic, de-identified derivatives are used (residual-identifier scan and human review); your raw content is never used to train any model.
The Service uses artificial intelligence, including third-party large language models, to process the information you submit and generate outputs. Customer content is not used to train public or third-party foundation models, and we will operate under a zero-data-retention posture with our model provider for that content once that integration is live. AI processing occurs within the Service's controlled boundary.
Operational contact information (used to route communications) is held in a separate identity/contacts store and is never fed into the symmetric comparison. When the platform processes matter content, that content passes through a redaction service that strips personal identifiers before analysis, and access to matter content is bound to the matter's access controls and privilege fence — a participant does not automatically receive another party's private content or an opposing professional's direct contact details.
We share information only as needed to run the Service: with service providers / subprocessors (e.g., cloud hosting, the AI model provider, e-signature, payment, analytics, and scheduling — such as Cal.com for booking calls) under contractual confidentiality and security obligations; with other participants or professionals on your matter, strictly per the matter's access controls; and when required by law or to protect rights and safety. Professionals listed in or reached through the Service are independent third parties, not recipients of your matter content unless you assign them to the matter.
We use the subprocessors below to operate the Service, each under contractual confidentiality and security obligations. We keep this list current; material changes will be reflected here. Items marked planned are engaged as the corresponding product features launch — not before.
| Subprocessor | Purpose | Status |
|---|---|---|
| Netlify | Website hosting and form submissions (contact / pilot form entries) | Current |
| Cal.com | Scheduling and call booking (name, email, selected time) | Current |
| Google Workspace (Google LLC) | Business email and calendar (booking confirmations, correspondence) | Current |
| Amazon Web Services (incl. Amazon Bedrock) | Cloud hosting and AI inference | Planned (at launch) |
| Anthropic (Claude) | AI model provider; zero-data-retention for customer content | Planned (at launch) |
| DocuSign | E-signature execution | Planned |
| Plaid | Bank / identity verification (financial intake) | Planned |
Draft for counsel review. This reflects current and planned processors; the final, jurisdiction-complete subprocessor disclosure and a Data Processing Agreement (DPA) are pending counsel. To request the current list or a DPA, contact us.
JusticeX is built to support a HIPAA-aligned posture but is not currently acting as a HIPAA Business Associate. Do not submit protected health information unless and until a Business Associate Agreement is in place between you (or your organization) and JusticeX.
We retain information for as long as needed to provide the Service, maintain the audit trail, comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion as described below; some records may be retained where required by law.
We employ administrative, technical, and physical safeguards designed to protect information — including encryption in transit, and, for the Service platform when it processes matter content at launch, encryption at rest, access controls, and tenant isolation. No system, however, can guarantee absolute security. You are responsible for safeguarding your credentials and for evaluating the sensitivity of what you submit.
Depending on your jurisdiction, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, and to object or withdraw consent. Residents of California, the EU/UK, and certain U.S. states have specific rights under laws such as the CCPA/CPRA and GDPR. To exercise a right, contact us using the details below; we will respond as required by applicable law. You will not be discriminated against for exercising your rights.
We do not currently use analytics or advertising cookies. The site uses only strictly necessary requests to operate; third-party features you choose to use — such as the Cal.com scheduling embed — may set their own functional cookies under their policies. If we add analytics or similar technologies later, we will describe them here. You can control cookies through your browser settings; some features may not function without them.
The Service is intended for adults (18+) and is not directed to children. We do not knowingly collect personal information from children under 13; if we learn we have, we will delete it.
JusticeX operates in the United States. If you access the Service from outside the U.S., your information may be transferred to and processed in the U.S. and other countries, using appropriate transfer mechanisms where required.
We may update this Policy from time to time. Material changes will be indicated by updating the "Last updated" date and, where appropriate, by additional notice. Continued use of the Service after changes take effect constitutes acceptance of the updated Policy.
Questions or requests regarding this Policy or your personal information may be directed to JusticeX through the contact channels listed on the site.
This Privacy Policy is a working draft prepared for executive review; the data-rights, retention, international-transfer, and subprocessor provisions in particular are pending review and ratification by JusticeX outside counsel before final adoption, and should be reconciled with the Service's actual data flows and any applicable state, federal, GDPR/UK, and CCPA/CPRA requirements.