Header Gradient

PRIVACY POLICY

AlphaLaw.io | Effective Date: January 6, 2026

1. Introduction

Welcome to AlphaLaw.io. This Privacy Policy explains how AlphaLaw ("we," "our," or "us") collects, uses, discloses, and protects your personal information when you use our AI-powered personal injury case management software platform (the "Platform" or "Services"). We are committed to protecting your privacy and handling your data with transparency and care.

By accessing or using AlphaLaw.io, you agree to the terms of this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services.

2. Information We Collect

We collect various types of information to provide and improve our Services:

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, law firm name, business address, and password when you create an account.
  • Case Information: Client data, case details, medical records, legal documents, demand letters, settlement information, and other materials you upload or input into the Platform.
  • Payment Information: Billing details, credit card information (processed securely through third-party payment processors), and subscription information.
  • Communications: Information you provide when you contact our support team, participate in surveys, or communicate with us.
  • AI Intake Data: Information collected through our AI-powered intake system, including prospect information and case qualification details.

2.2 Information Collected Automatically

  • Usage Data: Information about how you use the Platform, including features accessed, actions taken, time spent, and interaction patterns.
  • Device Information: IP address, browser type, operating system, device identifiers, and mobile network information.
  • Log Data: Server logs, error reports, and diagnostic information.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance user experience, analyze usage, and improve our Services.

2.3 Information from Third Parties

We may receive information about you from third-party service providers, analytics tools, and public databases to supplement the information we collect directly.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve the Platform, including AI-powered intake, case management, automated demand letter generation, medical record analysis, and settlement negotiation tracking.
  • Account Management: To create and manage your account, process subscriptions, and handle billing.
  • Communication: To send you service updates, technical notices, security alerts, and respond to your inquiries.
  • AI and Machine Learning: To train, improve, and optimize our AI models and automation features while maintaining data privacy and security.
  • Analytics and Improvement: To analyze usage patterns, measure effectiveness, and enhance the user experience.
  • Security: To protect against fraud, unauthorized access, and security threats.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Marketing: To send you promotional materials about new features and services (you may opt out at any time).

4. How We Share Your Information

We do not sell your personal information. We do not share your personal information with third parties for their own marketing or commercial purposes. We may share your information only in the following limited circumstances:

  • Service Providers: We share information with trusted third-party service providers who assist us in operating the Platform, processing payments, hosting services, analytics, and customer support. These providers are contractually obligated to protect your data and use it only for the purposes we specify. All such providers are required to store and process data within the United States.
  • Business Transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity, subject to the same data protection commitments outlined in this Policy.
  • Legal Requirements: We may disclose information when required by law, court order, subpoena, or to protect our rights, property, safety, or the rights of others.
  • With Your Consent: We may share information with third parties when you provide explicit consent.
  • Aggregated Data: We may share anonymized, aggregated data that cannot identify you individually for research, analytics, or marketing purposes.

5. Data Storage and Residency

All personal information collected through the Platform is stored and processed exclusively within the United States. We do not transfer your personal data to servers or facilities outside of the United States.

Our data centers and cloud infrastructure are located in the United States. All third-party service providers and sub-processors we engage are required by contract to store and process data only within the United States.

If you are located outside the United States, please be aware that information you provide will be transferred to and processed within the United States in accordance with this Privacy Policy and applicable US law.

6. Data Security and Information Security Program

We maintain a comprehensive information security program designed to protect the confidentiality, integrity, and availability of your personal information. Our security program is built in alignment with recognized industry frameworks including SOC 2, ISO 27001, and the NIST Cybersecurity Framework (NIST-CSF).

Our security measures include, but are not limited to:

  • SOC 2 compliance covering security, availability, and confidentiality trust service criteria.
  • Encryption of data in transit using TLS 1.2 or higher and encryption of data at rest using AES-256 or equivalent standards.
  • Role-based access controls (RBAC) limiting data access to authorized personnel on a need-to-know basis.
  • Multi-factor authentication (MFA) for all internal system access.
  • Regular third-party security audits and penetration testing.
  • Continuous monitoring, logging, and intrusion detection.
  • Incident response and breach notification procedures.
  • Employee security training and background screening.
  • Vendor security assessments for all third-party service providers.

While we implement these safeguards, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to maintaining and continuously improving our security practices.

7. Data Retention

We retain your personal information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. When you close your account, we will delete or anonymize your information within 90 days, except where we are required to retain it for legal or regulatory purposes.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request access to the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to certain exceptions.
  • Data Portability: Request a copy of your data in a structured, commonly used format.
  • Opt-Out: Opt out of marketing communications or certain data processing activities.
  • Restrict Processing: Request restriction of processing in certain circumstances.

To exercise these rights, please contact us at privacy@alphalaw.io. We will respond to your request within the timeframe required by applicable law.

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information promptly.

10. Third-Party Links

Our Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, disclose, and sell.
  • Right to delete your personal information.
  • Right to opt-out of the sale of personal information (we do not sell personal information).
  • Right to non-discrimination for exercising your rights.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR), including the right to access, rectification, erasure, restriction of processing, data portability, and to object to processing. You also have the right to lodge a complaint with your local supervisory authority.

Please note that AlphaLaw stores and processes all data within the United States. By using our Services, EEA users acknowledge that their data will be processed in the United States under the protections described in this Privacy Policy.

13. Payment Processing and Financial Data

Payment processing services for AlphaLaw are provided by Stripe, Inc. When you submit payment information, it is transmitted directly and securely to Stripe. We do not store full credit card numbers or payment card data on our systems.

Stripe's collection and use of your payment information is governed by Stripe's Privacy Policy and Terms of Service, available at stripe.com. By using our payment features, you agree to Stripe's Terms of Service and Privacy Policy.

We receive limited payment-related information from Stripe, such as the last four digits of your card, card type, and billing address, solely for account management and billing purposes. This information is stored within the United States and is not shared with third parties except as necessary to complete transactions or comply with legal requirements.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the effective date. Your continued use of the Services after such changes constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

AlphaLaw, LLC

1303 Central Ave S #201, Kent, WA 98032

Email: privacy@alphalaw.io

Support: contactus@alphalaw.io

Last Updated: June 16, 2026