Privacy Policy

Protecting your confidential information and maintaining attorney-client privilege

Last updated: January 1, 2025

Introduction

At LexTrail, we understand that legal professionals handle some of the most sensitive and confidential information. This Privacy Policy explains how we collect, use, protect, and share information when you use our AI-powered legal workflow platform ("Service").

We are committed to maintaining the highest standards of data protection, respecting attorney-client privilege, and complying with all applicable legal and ethical obligations governing the legal profession.

Information We Collect

Account Information

  • Name, email address, phone number, and professional credentials
  • Law firm or organization name and address
  • Bar admission information and professional licensing details
  • Payment and billing information

Legal Document Data

  • Case files, briefs, contracts, and other legal documents you upload
  • Email communications and correspondence
  • Case metadata, notes, and annotations
  • Client information contained within uploaded documents

Usage Information

  • Platform usage patterns and feature interactions
  • AI query history and analysis results
  • System logs and performance data
  • Device information and IP addresses

How We Use Your Information

We use the information we collect solely to provide and improve our legal workflow services:

  • To provide AI-powered document analysis and case insights
  • To maintain and improve our machine learning models
  • To provide customer support and technical assistance
  • To ensure platform security and prevent unauthorized access
  • To comply with legal obligations and professional ethics rules
  • To communicate important service updates and security notifications

Attorney-Client Privilege Protection

LexTrail is designed to preserve attorney-client privilege and maintain the confidentiality of privileged communications.

  • We do not waive or compromise attorney-client privilege through our AI analysis
  • Our platform operates under strict confidentiality protocols
  • All data processing occurs within secure, encrypted environments
  • We maintain detailed audit logs of all data access and processing
  • Our AI models are trained on anonymized, non-privileged legal text

Data Security Measures

We implement enterprise-grade security measures to protect your confidential information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Multi-factor authentication and role-based access controls
  • Infrastructure: SOC 2 Type II compliant cloud infrastructure
  • Monitoring: 24/7 security monitoring and incident response
  • Auditing: Regular security audits and penetration testing
  • Data Isolation: Client data is isolated and never commingled

Data Sharing and Disclosure

We do not sell, rent, or trade your confidential information. We may only share your information in the following limited circumstances:

  • With your explicit consent for specific purposes you authorize
  • With trusted service providers who assist in platform operations (under strict confidentiality agreements)
  • When required by law or court order, following proper legal process
  • To protect rights and safety in cases of suspected fraud or security threats
  • In business transfers (with equivalent privacy protections for successor entities)

Data Retention and Deletion

  • We retain your data only as long as necessary to provide our services
  • You can request deletion of your data at any time
  • Upon account termination, we securely delete all client data within 30 days
  • Backup data is automatically purged within 90 days
  • We may retain anonymized usage statistics for service improvement

International Data Transfers

Our primary data processing occurs in the United States. If you are located outside the United States, your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses for EU data transfers
  • GDPR compliance for European Union users
  • Adequacy determinations and appropriate safeguards

Your Privacy Rights

You have the following rights regarding your personal information:

  • Access: Request copies of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Restriction: Request restriction of processing in certain circumstances

To exercise these rights, contact us on our email.

Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending email notification to registered users
  • Providing in-platform notifications for significant changes

Continued use of our Service after policy changes constitutes acceptance of the updated terms.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: [email protected]

LexTrail, Inc.
Privacy Department
Singapore