Lawful Good Logo
Lawful Good

Privacy Policy

Last Updated: November 19, 2025

Welcome to Lawful Good. We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

Our core privacy promise is built on a "Zero-Knowledge Storage" architecture. This means your sensitive data is encrypted in such a way that we, the developers and staff of Lawful Good, cannot access it without your explicit permission.

1. Information We Collect

We collect information that you provide directly to us, as well as information that is automatically collected when you use our service.

a. Information You Provide to Us

  • Account Information: When you register for an account, we collect your name and email address through Google OAuth. We plan to support other authentication methods in the future, which may require similar information.
  • User Content: We collect and store the files and documents you upload, create, or otherwise provide to the service ("User Content"). Note that all User Content is encrypted, so it cannot be read by Lawful Good staff.

b. Information We Collect Automatically

  • Usage Information: We may collect aggregated, anonymized performance metrics to understand how our services are being used and to improve them. This data does not contain personal information.
  • Cookies: We use cookies and similar tracking technologies to manage user sessions and maintain your authenticated state.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Maintain the Service: To operate our service, including authenticating you, providing access to your documents, and enabling the features you use.
  • To Improve and Personalize the Service: To understand how you use the service and to develop new features and improvements.
  • For Security and Fraud Prevention: To protect the security of our services and our users.
  • To Communicate With You: To provide you with customer support or to send you information about our services.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

  • With Third-Party Service Providers: We use third-party services to provide our application's core functionality. This includes:
    • Authentication: We use Google OAuth for user authentication.
    • AI and Language Models: To provide AI-powered features, we send your User Content to third-party Large Language Model (LLM) providers (such as Google, OpenAI, or Anthropic). We have configured these services with a Zero Data Retention (ZDR) policy, meaning they are instructed not to store your data after processing. We do not use any AI provider that trains their models on your data.
  • For Legal Reasons: We may disclose your information if we are required to do so by law, or if we believe in good faith that such action is necessary to comply with a legal obligation.
  • Business Transfers: If we are involved in a merger, acquisition, sale of all or a portion of our assets, or other business transfer, your information will be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our service of any such change in ownership or control of your personal information. In such an event, you will be given a reasonable period to opt-out of the transfer by deleting your account and data before the transaction is finalized.

4. Data Security

We take the security of your data very seriously and have implemented robust measures to protect it.

  • Encryption at Rest: All of your User Content and personal information stored in our databases and file systems is encrypted using AES-256-GCM encryption. Each user is assigned a unique encryption key, ensuring that your data is isolated and protected. This is part of our "Zero-Knowledge Storage" commitment, which prevents even our own staff from accessing your data, as part of their day-to-day duties.
  • Encryption in Transit: All data transferred between you and our servers is encrypted using Transport Layer Security (TLS).
  • Decryption During Processing: Your data is only decrypted in memory during an active, authenticated session when you use the service. No decrypted data is stored persistently.

5. Data Retention

We retain your personal information and User Content for as long as your account is active. You may request to delete your account and all associated data at any time. Upon receiving a deletion request, we will permanently remove your data from our systems.

6. Your Rights and Choices

You have certain rights regarding your personal information:

  • Access and Update: You can review and update your account information through your account settings.
  • Data Deletion: you can request the deletion of your account and all your data.
  • Cookies: Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject browser cookies. However, refusing cookies will make it impossible to authenticate and therefore use the service.

7. Eligibility and Professional Use

Our service is intended exclusively for use by licensed attorneys in the United States and individuals directly employed by and under the supervision of such attorneys (e.g., paralegals, legal assistants). The service is not intended for use by minors, and we do not knowingly collect personal information from individuals under the age of 18.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@lawfulgood.us.