Skip to content
Privacy

Privacy Policy

Legitym handles sensitive legal data. Here is exactly how we collect, process, protect, and store your information.

Last Updated: March 25, 2026

Where Is Your Data?

Full transparency on where your data is processed and stored.

Uploaded Documents

Cloudflare R2, Europe region (EU). ISO 27001 certified.

Database

Neon PostgreSQL (EU migration planned Q2 2026).

AI Analysis — Google Cloud AI

  • Google does NOT retain your data for training (Google Cloud Platform Terms of Service, Section 5.2).
  • API requests are processed and deleted after response.
  • EU data residency option available (Vertex AI) on Enterprise plan.

Payments

Stripe (PCI-DSS Level 1 certified). No card data touches our servers.

No data is sold, shared, or used for advertising purposes.

Professional Secrecy

Professional Secrecy & Lawyer Confidentiality

Legitym is committed to respecting the professional secrecy of lawyers (Art. 66-5 of the Law of December 31, 1971).

Client case data is encrypted at rest (AES-256) and in transit (TLS 1.3).

No Legitym employee accesses your case files without your explicit authorization.

Right to complete deletion of your data at any time (GDPR Art. 17).

DPA (Data Processing Agreement) available on request for law firms.

Marketplace data (client-lawyer matching) is anonymized until mutual agreement.

Your Rights (GDPR)

You have full control over your personal data under European regulation.

Art. 15

Right of Access

Request a copy of all your personal data held by Legitym.

Art. 16

Right to Rectification

Correct any inaccurate personal data we hold about you.

Art. 17

Right to Erasure

Delete your account and all your data permanently.

Art. 20

Right to Portability

Export your data in a standard, machine-readable format.

Art. 21

Right to Object

Object to the processing of your personal data.

Contact our Data Protection Officer for any request:

privacy@legitym.com

General Policy

1. Information We Collect

We collect information you provide directly: name, email, professional details, payment information, and documents you upload to the platform. We also collect usage data (pages visited, features used) and device information (browser, IP address) to improve our services.

2. How We Use Information

We use your information to: provide AI-powered legal analysis, process case files, match clients with lawyers on the marketplace, process payments, send transactional notifications, improve our AI models (using anonymized aggregate data only), and ensure platform security.

3. Information Sharing

We do not sell your personal information. We share data only with: infrastructure providers (Vercel, Neon, Cloudflare) for hosting, Stripe for payment processing, Google for AI analysis (under strict API terms), and as required by law. Marketplace matching data is anonymized until both parties agree to connect.

4. Cookies and Tracking

We use essential cookies for authentication and session management. Optional analytics cookies help us improve the platform. You can manage your cookie preferences at any time. See our Cookie Policy for full details.

5. Data Retention

We retain your data as long as your account is active. Case files are retained for the duration you specify or until you delete them. Upon account deletion, all personal data is permanently erased within 30 days. Anonymized analytics data may be retained longer.

6. Children's Privacy

Our service is a professional legal platform not intended for children under 16. We do not knowingly collect data from minors.

7. International Transfers

Your data is primarily processed in Europe. Where transfers to third countries occur (e.g., AI processing), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and adequacy decisions.

8. Changes to Policy

We may update this policy periodically. Significant changes will be notified via email and in-app notification at least 30 days before taking effect.

Questions About Your Privacy?

Our Data Protection Officer is available to answer any question about how we handle your data.

Privacy Policy | Legitym | Legitym