This Privacy Policy describes how Inquisita, LLC ("Inquisita," "we," "us," or "our") collects, uses, discloses, and protects information when you access or use the Inquisita web application (the "Service"). This Privacy Policy applies, including but not limited, to attorneys, paralegals, and other legal professionals who use our Service. This Privacy Policy applies to the usage of Inquisita in conjunction with our Terms of Service.
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, you must not access or use the Service.
We collect several types of information in connection with your use of the Service:
When you create an account, we collect:
You and your firm upload documents and information to the Service, including but not limited to:
We treat all User Content as highly confidential and subject to attorney-client privilege. We do not access, review, or use User Content except as necessary to provide the Service to you or as required by law.
We automatically collect certain technical information when you use the Service:
We collect information when you communicate with us, including:
We use the information we collect for the following purposes:
IMPORTANT: We do not use your User Content (case documents, client information, or attorney work product) to train or improve AI models. Your confidential case materials remain confidential and are used solely to provide services to you.
We implement strict limitations on information sharing to protect attorney-client privilege and maintain confidentiality.
We share information with third-party service providers who perform services on our behalf:
AI Model Providers: We use Amazon Web Services (AWS) Bedrock to access third-party artificial intelligence services (including large language models from providers such as Anthropic) to process your User Content and generate AI-assisted draft responses. According to AWS Bedrock's data protection policies:
Cloud Infrastructure Providers: We use AWS cloud hosting services to store and process data. These providers are bound by confidentiality obligations and security standards.
Payment Processors: We use Stripe to handle billing and payment information. We do not store full credit card numbers on our systems.
If you are part of a law firm account, the firm administrator may access information about your account usage, including activity logs and billing information.
We maintain strict tenant isolation. We will never share your User Content with other law firms, including firms adverse to you in litigation. Our technical architecture prevents any cross-firm data access.
We may disclose information if required by law, including:
We will notify you of legal demands for your information unless prohibited by law or court order, and we will provide you an opportunity to challenge such demands where legally permissible.
If Inquisita is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.
We may share information with third parties when you explicitly consent to such sharing.
We never sell, rent, or share your information for marketing purposes or with data brokers. We do not allow third parties to use your User Content for their own purposes.
We retain your User Content for as long as your account remains active. Upon termination of your account:
We retain account registration information for as long as your account is active, plus a reasonable period thereafter for business record-keeping, legal compliance, and dispute resolution purposes.
We retain usage logs and technical information for up to two (2) years for security monitoring, debugging, and Service improvement purposes.
If we receive a litigation hold notice or preservation demand, we will preserve relevant information as required by law, even if it would otherwise be deleted under our normal retention schedule.
We implement administrative, technical, and physical safeguards designed to protect your information:
We are designing our security architecture with HIPAA and SOC 2 compliance standards in mind, though we do not yet certify compliance with these frameworks. We continuously assess our security posture against industry best practices.
No method of transmission over the Internet or electronic storage is 100% secure. While we use commercially reasonable efforts to protect your information, we cannot guarantee absolute security. You acknowledge this inherent risk when using the Service.
Depending on your jurisdiction, you may have certain rights regarding your personal information:
You may access and update your account information at any time through your account settings. You may also contact us to request access to other personal information we hold about you.
You may download your User Content at any time through the Service interface. We will provide your data in a commonly used, machine-readable format.
You may delete your account at any time, which will trigger our data deletion procedures described in Section 4. You may also request deletion of specific information by contacting us at privacy@inquisita.ai.
You may opt out of promotional communications by following the unsubscribe instructions in those messages. You cannot opt out of transactional or service-related communications (account notifications, security alerts, etc.).
You can manage cookie preferences through your browser settings (see Section 8).
For California Residents (CCPA/CPRA):
For Colorado, Virginia, Connecticut, and Other Applicable States: You may have similar rights to access, correct, delete, and obtain copies of your personal information, as well as rights to opt out of certain processing activities.
To exercise these rights, contact us at privacy@inquisita.ai. We will respond within the timeframes required by applicable law.
Our Service is operated in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. U.S. data protection laws may differ from those in your jurisdiction.
We use cookies, web beacons, and similar technologies to:
Essential Cookies: Required for the Service to function (authentication, security, load balancing). These cannot be disabled.
Analytics Cookies: Help us understand how users interact with the Service. We use these to improve functionality and user experience.
You can configure your browser to refuse all cookies or indicate when a cookie is being sent. However, if you disable essential cookies, you may not be able to use the Service.
Some browsers transmit "Do Not Track" signals. We do not currently respond to Do Not Track signals because there is no industry standard for how to interpret them.
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have collected information from a minor, contact us immediately at privacy@inquisita.ai, and we will delete such information.
We may update this Privacy Policy from time to time. We will notify you of material changes by:
Your continued use of the Service after the effective date of changes constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, you must stop using the Service and terminate your account.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us:
Email: privacy@inquisita.ai
For data subject requests (access, deletion, correction), please use privacy@inquisita.ai and include:
We will respond to verified requests within the timeframes required by applicable law.