Privacy Policy

BrassDocs, Inc. ("we," "us," or "the Company") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use BrassDocs ("the Service").

By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with these practices, please do not use the Service.

2.1 Information You Provide

• Account Information: Name, email address, professional title, firm name, and other profile information you provide during registration and onboarding.
• Uploaded Documents: Legal documents (contracts, leases, agreements) you upload for analysis. These documents may contain personal information about third parties.
• Payment Information: Billing details processed through our third-party payment processor (Stripe). We do not store your full credit card number on our servers.
• Communications: Any information you provide when contacting us for support or feedback.
• Firm Logo: If you upload a firm logo for branded reports, we store that image file.

2.2 Information Collected Automatically

• Usage Data: Information about how you interact with the Service, including pages visited, features used, analysis history, and timestamps.
• Device Information: Browser type, operating system, IP address, and device identifiers.
• Cookies and Similar Technologies: We use essential cookies for authentication and session management. See Section 8 for details.

We use the information we collect to:

• Provide, maintain, and improve the Service.
• Process and analyze uploaded documents using AI technology.
• Generate analysis reports, risk assessments, and related output.
• Process payments and manage your subscription.
• Send transactional communications (account verification, billing receipts, service updates).
• Provide customer support and respond to inquiries.
• Monitor and analyze usage patterns to improve the Service.
• Detect, prevent, and address technical issues, fraud, or security threats.
• Comply with legal obligations.

When you upload a document, it is processed as follows:

• Text Extraction: We extract text content from your uploaded document for analysis.
• AI Processing: The extracted text is sent to our AI analysis engine (powered by Anthropic's Claude) to generate insights, risk flags, and recommendations.
• Storage: The analysis results (including the extracted text and AI-generated output) are stored in our database to enable you to access your reports.
• Original Files: Original uploaded documents are not permanently stored after text extraction is complete.

Important: Uploaded documents may be processed by third-party AI providers (currently Anthropic) as part of the analysis pipeline. By using the Service, you consent to this processing. We contractually require our AI providers to maintain confidentiality and not use your data for training purposes.

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party companies that help us operate the Service, including cloud hosting (AWS), authentication (Clerk), payment processing (Stripe), AI analysis (Anthropic), and email delivery (Resend).
• Legal Requirements: When required by law, regulation, legal process, or governmental request.
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.
• Protection of Rights: When we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit using TLS/SSL (256-bit encryption).
• Encryption of sensitive data at rest.
• Access controls limiting employee access to personal data.
• Regular security assessments and monitoring.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

• Account Data: Retained as long as your account is active. Upon account deletion, your personal data and analysis history are permanently deleted within 30 days.
• Analysis Results: Stored as long as your account is active. You may delete individual analyses at any time.
• Uploaded Documents: Original document files are not permanently stored after processing.
• Billing Records: Retained as required by applicable tax and accounting laws (typically 7 years).
• Server Logs: Automatically purged after 90 days.

We use the following types of cookies:

• Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
• Analytics Cookies: Help us understand how users interact with the Service. These are optional and can be declined.

We do not use advertising cookies or third-party tracking for advertising purposes.

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete personal data.
• Deletion: Request deletion of your personal data (subject to legal retention requirements).
• Portability: Request your data in a portable, machine-readable format.
• Objection: Object to certain processing activities.
• Withdrawal of Consent: Withdraw consent for processing activities based on consent.

To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within 30 days.

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise your CCPA rights, contact us at [email protected].

The Service is hosted in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States where our servers are located. By using the Service, you consent to the transfer of your information to the United States.

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through a prominent notice on the Service. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy, please contact us at:

BrassDocs, Inc.
Email: [email protected]
Website: brassdocs.com