Privacy Policy

• Account data: name, email, phone number, password hash, role (Client/Advocate/Admin), and verification status.
• Usage data: log data, device/browser information, IP address, timestamps, pages accessed, and feature interactions.
• Case/workflow data you choose to upload: case identifiers, schedules, notes, documents, messages, and invoices.
• Payment data: limited payment metadata from processors (amount, status, timestamps, payment reference). We typically do not store full card details.

Legal matters can involve sensitive personal data. You should upload only what is necessary and only if you have the legal right to share it. Do not upload documents that you are prohibited from sharing by law, court order, or contractual obligations.

Advocates and Clients are responsible for handling sensitive data appropriately, including within their own devices, staff access, and offline storage.

• Provide the Service (accounts, dashboards, appointments, messaging, invoices).
• Authenticate users, prevent abuse, and secure accounts.
• Process Premium Feature purchases, renewals, and payment confirmations.
• Send transactional communications (verification, security alerts, reminders).
• Improve performance, reliability, and feature quality.
• Comply with legal obligations and respond to lawful requests.

We process personal data as needed to provide the Service, comply with law, protect our legitimate interests (security, fraud prevention), and where required, based on your consent. You may withdraw consent for certain optional processing, but core Service functionality may be unavailable as a result.

We aim to follow applicable Indian privacy requirements, including the Digital Personal Data Protection regime as it becomes operational.

We may share data with:

• Advocates/Clients you choose to interact with on the Service.
• Vendors and processors (hosting, email/SMS, analytics, payment processors) under confidentiality and security obligations.
• Law enforcement, courts, or regulators when required by applicable law or a valid legal process.

We do not sell personal data. We do not allow unauthorized scraping, indexing, or data harvesting.

We implement reasonable technical and organizational measures (access controls, encryption in transit, monitoring, and audit logging where appropriate). However, no system is completely secure.

If we detect suspicious activity (credential stuffing, scraping, fraud, abusive automation), we may block IPs, force logouts, suspend accounts, and preserve relevant logs for investigation.

We retain personal data only as long as necessary for the purposes described in this Policy, including providing the Service, maintaining backups, resolving disputes, preventing fraud, and complying with legal obligations.

If you request deletion, we may delete or anonymize data where feasible, while retaining limited records required for compliance, security, and legitimate business purposes.

We use cookies and similar technologies for session management, authentication, security, and basic analytics. Disabling cookies may affect login and dashboard functionality.

Our vendors and infrastructure may process data in multiple regions. We take steps to ensure appropriate safeguards and contractual protections for cross-border processing, subject to applicable Indian law.

Depending on applicable law, you may request access, correction, deletion, export, or restriction of your personal data. We may need to verify your identity before acting on requests.

To prevent misuse, we may refuse requests that are fraudulent, repetitive, or that would compromise others' privacy, platform security, or legal compliance.

The Service may link to third-party sites or integrate third-party services (payment processors, email/SMS providers). Their privacy practices are governed by their own policies.

We may update this Policy periodically. Material updates will be reflected on this page. Continued use after updates constitutes acceptance of the updated Policy.

If we become aware of a personal data breach, we will take reasonable steps to investigate, contain, and remediate it. Where required by applicable law, we will notify affected users and/or authorities.

You are responsible for promptly notifying us if you suspect your account has been compromised.

The Service is intended for users who can form a legally binding contract. If a minor uses the Service, it must be through a parent/guardian or an authorized representative. We may restrict or delete accounts that do not meet eligibility requirements.

For privacy queries, requests, or complaints, contact us via the contact page. We may request identity verification before processing sensitive requests.