← Back to Contract Reviewer

Privacy Policy

Last Updated: June 26, 2025

1. Introduction

Contract Reviewer ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Information You Provide


- Phone Number: Used for authentication via SMS
- Documents: Contracts and legal documents you upload for analysis
- Usage Data: How you interact with our service

2.2 Automatically Collected Information


- Device Information: Browser type, operating system
- IP Address: For security and rate limiting
- Cookies: Authentication tokens and session management

3. How We Use Your Information

We use your information to:
- Authenticate your identity
- Provide document analysis services
- Secure and protect our service
- Improve our AI models and service quality
- Comply with legal obligations

4. Third-Party Services

We use the following third-party services:

4.1 Twilio


- Purpose: SMS authentication
- Data Shared: Phone numbers
- Privacy Policy: https://www.twilio.com/legal/privacy

4.2 Amazon Web Services (AWS S3)


- Purpose: Encrypted document storage
- Data Shared: Encrypted documents
- Privacy Policy: https://aws.amazon.com/privacy/

4.3 GROQ


- Purpose: AI analysis using meta-llama/llama-4-maverick-17b-128e-instruct
- Data Shared: Document text for analysis
- Privacy Policy: https://groq.com/privacy-policy/

4.4 PayPal


- Purpose: Donation processing (optional)
- Data Shared: Only if you choose to donate
- Privacy Policy: https://www.paypal.com/privacy

5. Data Security

We implement security measures including:
- Encryption: AES-256 encryption for stored documents
- HTTPS: All data transmitted using TLS
- Access Controls: Authentication required for all document access
- Regular Security Updates: Keeping our systems patched and secure

6. Data Retention

- Documents: Retained until you delete them using the "burn" feature
- Phone Numbers: Retained as long as you use the service
- Analysis Results: Not stored after delivery to you
- Logs: Security logs retained for 90 days

7. Your Rights

7.1 Access and Portability


You can access and download your documents at any time through the dashboard.

7.2 Deletion


You can delete:
- Individual documents using the "burn" feature
- All your data by contacting us

7.3 Correction


Contact us to correct any inaccurate information.

7.4 Opt-Out


You can opt-out of:
- SMS communications (though this will prevent login)
- Service usage by deleting your account

8. GDPR Rights (For EU Residents)

If you are in the European Union, you have additional rights:
- Right to be Informed: This privacy policy serves that purpose
- Right of Access: Request a copy of your data
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Request deletion of your data
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a portable format
- Right to Object: Object to certain processing
- Rights Related to Automated Decision Making: Our AI analysis is not used for automated decision-making

To exercise these rights, contact us at the address below.

9. CCPA Rights (For California Residents)

California residents have the right to:
- Know what personal information we collect
- Know whether your information is sold or disclosed (we do not sell your data)
- Say no to the sale of personal information
- Access your personal information
- Request deletion of your personal information
- Not be discriminated against for exercising your rights

10. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect information from children under 18. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

12. Cookies and Tracking

We use:
- Essential Cookies: For authentication and security (auth-token, csrf-token)
- No Marketing Cookies: We don't track you for advertising
- No Analytics Cookies: We don't use Google Analytics or similar services

13. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:
- Notify affected users within 72 hours
- Provide information about what data was affected
- Offer guidance on protective measures

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date
- Notifying you via the Service for material changes

15. Contact Information

For privacy-related questions or to exercise your rights:
- GitHub Issues: https://github.com/anthropics/claude-code/issues
- Mark issues with [PRIVACY] in the title

16. Data Protection Officer

We have not appointed a formal Data Protection Officer as we are not required to under applicable law. However, privacy inquiries can be directed to the contact information above.

17. Legal Basis for Processing (GDPR)

We process your personal data based on:
- Contract: To provide you with our services
- Legitimate Interests: For security and service improvement
- Legal Obligation: To comply with applicable laws
- Consent: For any additional processing requiring consent

18. Do Not Track

Our Service does not respond to Do Not Track signals as we do not track users across websites.

19. Privacy Shield

We do not participate in Privacy Shield frameworks as they have been invalidated. We use Standard Contractual Clauses for international transfers where required.

Not legal advice. AI-powered analysis only. Consult an attorney for legal decisions.

TermsPrivacyCookies