Privacy Policy

Last Updated: January 12, 2025

1. Introduction

At AttorneyAI ("we", "our", or "us"), we take your privacy seriously. This Privacy Policy describes how we collect, use, protect, and share information when you use our legal research platform, website, and services (collectively, the "Services"). By using our Services, you agree to the terms of this Privacy Policy.

2. Information We Collect

2.1 Account Information

  • Full name, email address, phone number
  • Law firm or organization name
  • Bar association number and license information
  • Jurisdiction and practice areas
  • Password (hashed with bcrypt, never stored in plain text)

2.2 Usage Data

  • Search queries and research history
  • AI conversation history and case analyses
  • Documents uploaded and generated
  • Feature usage patterns and preferences
  • Time spent on platform and session information

2.3 Technical Data

  • IP address (anonymized for GDPR compliance)
  • Browser type, version, and device information
  • Operating system and screen resolution
  • Cookies and similar tracking technologies
  • Referral source and clickstream data

2.4 Legal Content

  • Case files, legal memoranda, and research notes
  • Client communications (subject to attorney-client privilege)
  • Uploaded documents and contracts
  • Annotations and bookmarks

3. How We Use Your Information

  • Service Delivery: Provide legal research, AI analysis, document automation, and case management features
  • Personalization: Customize search results, recommendations, and user interface based on your jurisdiction and practice areas
  • Security: Detect and prevent fraud, abuse, and unauthorized access
  • Customer Support: Respond to inquiries, troubleshoot issues, and provide technical assistance
  • Legal Compliance: Comply with applicable laws, regulations, and legal requests
  • Analytics: Analyze usage patterns to improve Services and develop new features (using anonymized, aggregated data only)
  • Communications: Send transactional emails (account updates, security alerts), product updates, and marketing (with your consent)

4. Data Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption: AES-256 encryption at rest, TLS 1.3 for data in transit
  • Access Controls: Role-based access control (RBAC) with multi-factor authentication (MFA)
  • Certifications: ISO 27001, SOC 2 Type II compliance
  • Security Audits: Regular penetration testing and vulnerability assessments by third-party security firms
  • Data Backup: Daily automated backups with point-in-time recovery
  • Employee Training: Mandatory security awareness training for all staff
  • Incident Response: 24/7 security monitoring with documented incident response procedures

5. Third-Party Services

We use the following third-party services:

  • Payment Processors: Stripe (PCI-DSS compliant); we do not store credit card information
  • Cloud Infrastructure: Vercel (hosting), AWS S3 (document storage), PostgreSQL (Neon/Railway)
  • AI Providers: Enterprise-grade AI models (all data encrypted, no training on your data)
  • Email Service: Transactional emails via Resend/SendGrid
  • Analytics: Privacy-focused analytics (no personal data shared)

All third-party providers are vetted for GDPR and data protection compliance. We have Data Processing Agreements (DPAs) with all vendors.

6. Your Privacy Rights

Under GDPR (Europe) and CCPA (California), you have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Rectification: Correct inaccurate or incomplete information
  • Erasure ("Right to be Forgotten"): Request deletion of your account and data
  • Data Portability: Receive your data in machine-readable format (JSON/CSV)
  • Object to Processing: Opt out of certain data processing activities
  • Restrict Processing: Limit how we use your data
  • Withdraw Consent: Unsubscribe from marketing emails at any time
  • Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at: privacy@ailydian.com

We will respond to your request within 30 days (GDPR) or 45 days (CCPA).

7. Cookies and Tracking

We use cookies for:

  • Essential: Authentication, session management (cannot be disabled)
  • Functional: Language preferences, UI customization
  • Analytics: Usage statistics (anonymized, opt-out available)

You can manage cookie preferences in your browser settings. Note that disabling cookies may limit some functionality.

8. International Data Transfers

Our Services are hosted in the United States. If you access our Services from the European Economic Area (EEA) or other regions with data protection laws, your data may be transferred to and processed in the U.S. We use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection.

9. Data Retention

  • Active Accounts: Data retained for the duration of your subscription
  • Inactive Accounts: Anonymized after 90 days of inactivity
  • Deleted Accounts: Permanently deleted within 30 days (except where required by law)
  • Legal Requirements: Some data may be retained longer to comply with tax, accounting, or legal obligations (e.g., 7 years for financial records)

10. Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at privacy@ailydian.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email at least 30 days in advance. Your continued use of the Services after changes take effect constitutes acceptance of the revised policy.

Contact Us

For privacy-related questions or to exercise your rights, contact us at:

Email: privacy@ailydian.com

Data Protection Officer: dpo@ailydian.com

Support: support@ailydian.com