01Overview
LawyerDesk Advocacy Private Limited ("LawyerDesk", "we", "us") provides AI-powered legal tools to law firms, lending institutions, businesses, and individuals. This policy describes what information we collect, why we collect it, and how we protect it.
We designed LawyerDesk from the ground up around attorney-client privilege and information-fiduciary principles. Your matter data is never used to train shared models.
02Information we collect
Account information
Name, work email, firm or organization, role, and authentication credentials. Collected when you register or are invited by an administrator.
Matter and content data
Documents, drafts, citations, prompts, and any other content you upload or generate within LawyerDesk. This is treated as your confidential work product.
Usage and telemetry
Aggregated, anonymized metrics about feature usage, performance, and errors. Used to improve reliability — never sold.
Device and log information
IP address, browser, operating system, and access timestamps. Retained per our security policy for audit and abuse prevention.
03How we use your information
- Service delivery: To operate, maintain, and improve LawyerDesk for you and your firm.
- Security: To prevent unauthorized access, fraud, and abuse.
- Support: To respond to requests and resolve issues you raise with us.
- Product improvement: Using aggregated, non-identifying metrics only.
- Legal compliance: To meet applicable laws and legitimate regulatory requests.
We do not use your matter content, drafts, or prompts to train shared or public models. Enterprise customers may opt in to tenant-isolated fine-tuning under contractual controls.
04Sharing and disclosure
We share information only in these limited circumstances:
- With sub-processors who help us operate the service under strict contractual controls. See our sub-processor list.
- Within your organization according to the permissions you and your administrators configure.
- When legally required, following valid legal process. We will challenge over-broad requests where permitted.
- During corporate transactions, such as a merger or acquisition, subject to continuity of these commitments.
05Data retention
We retain your information for as long as your account is active, or as required to deliver the service. You may delete data at any time; upon account termination, we delete all matter content within 30 days except where retention is required by law.
Enterprise customers may configure shorter retention windows contractually, down to immediate deletion on close.
06Your rights
Depending on your jurisdiction (GDPR, CCPA, DPDP, and others), you have the right to access, correct, delete, restrict, or port your personal information, and to object to certain processing.
To exercise a right, email privacy@lawyerdesk.ai. We respond within 30 days.
07International data transfers
Data residency is India by default, and we do not move your data across regions without your instruction. Where a customer instructs a cross-border transfer, it relies on Standard Contractual Clauses and equivalent safeguards.
08Contact
Questions, concerns, or complaints about this policy can be directed to our Data Protection Officer at privacy@lawyerdesk.ai.
Questions about this document?
Our legal team responds within two business days. Enterprise customers can reach their dedicated counsel through the support portal.