Introduction
TextEvidence ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our text message analysis platform ("Service").
By using our Service, you agree to the collection and use of information in accordance with this policy. This Service is designed for use by legal professionals and law firms in the United States.
Information We Collect
Account Information
When you create an account, we collect:
- Name and email address
- Organization/firm name
- Billing information (processed securely by Stripe)
- Password (stored in hashed form)
Uploaded Content
When you use our Service, you may upload:
- Text message archives (JSON, CSV formats)
- Case information and names
- Contact mappings and labels
Usage Data
We automatically collect:
- Log data (IP address, browser type, pages visited)
- Feature usage statistics
- Search queries (for service improvement only)
How We Use Your Information
We use collected information to:
- Provide, maintain, and improve our Service
- Process your transactions and manage your subscription
- Send administrative communications (account updates, security alerts)
- Respond to your inquiries and support requests
- Analyze usage patterns to improve the Service
- Detect, prevent, and address technical issues or fraud
What We Do NOT Do
- We do NOT use your uploaded content to train AI models
- We do NOT sell your personal information to third parties
- We do NOT share your client data with other users or organizations
- We do NOT use your data for advertising purposes
Data Storage and Security
Your data is stored on secure servers located in the United States, using AWS and Supabase infrastructure. We implement:
- AES-256 encryption for data at rest
- TLS 1.3 encryption for data in transit
- Regular security audits and vulnerability assessments
- Access controls and authentication measures
Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. You may delete your data at any time:
- Case Data: Delete individual cases through your dashboard
- Account Data: Request account deletion via settings or by contacting us
- Demo Data: Automatically deleted after 1 hour
Upon account deletion, your data is removed from active systems within 30 days. Encrypted backups may be retained for up to 90 days for disaster recovery.
Third-Party Services
We use the following third-party services:
- Supabase: Database and authentication
- Stripe: Payment processing
- AWS: Cloud infrastructure
- OpenAI/Anthropic: AI-powered search (your data is not used for training)
Your Rights
For All Users
You have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data
- Export your data in a portable format
- Withdraw consent for data processing
California Residents (CCPA)
California residents have additional rights to:
- Know what personal information is collected
- Know if personal information is sold or disclosed
- Opt-out of the sale of personal information (we do not sell data)
- Non-discrimination for exercising privacy rights
European Users (GDPR)
If you are in the European Economic Area, you have additional rights including:
- Data portability
- Restriction of processing
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
Children's Privacy
Our Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Material changes will be communicated via email.
Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us: