Skip to main content
Free demo on your legal case — no obligation — contact us for details

Legal

Privacy Policy

Your trust is the foundation of our business. This policy explains how DiscoverLex collects, uses, and protects your information.

Last updated: February 2026

Information We Collect

We collect information necessary to provide and improve our services. This includes:

  • Account Information — Name, email address, organization name, and billing details provided during registration.
  • Document Data — Legal documents and files uploaded to the platform for analysis. See the Document Data section below for critical details on how this data is handled.
  • Usage Data — Information about how you interact with our platform, including feature usage patterns, session duration, and performance metrics. This data is used exclusively to improve service quality.

How We Use Your Information

  • To provide, maintain, and improve our document analysis services.
  • To process transactions and send related billing communications.
  • To respond to support requests and provide technical assistance.
  • To send service-related announcements, security alerts, and product updates.
  • To monitor and analyze usage trends to improve platform performance and reliability.
  • To comply with legal obligations and enforce our terms of service.

We will never use your data to train general-purpose AI models. Your information is used solely in the context of delivering and improving the services you have contracted for.

Data Storage & Security

Security is not an afterthought at DiscoverLex — it is a core architectural requirement. We implement the following measures to protect your data:

  • SOC 2 Type II-Aligned Controls — Our infrastructure and processes are designed and operated to meet SOC 2 Type II standards for security, availability, and confidentiality.
  • Encryption at Rest — All stored data is encrypted using AES-256 encryption.
  • Encryption in Transit — All data transmitted between your systems and ours is protected with TLS 1.2 or higher.
  • On-Premise Deployment — For organizations with strict data residency requirements, DiscoverLex offers on-premise deployment options where all data remains entirely within your own infrastructure.

Document Data

This is the most important section of our privacy policy for legal professionals.

Uploaded legal documents are processed entirely within your secure environment. DiscoverLex does not access, read, copy, or store the content of your documents on our systems.

Our architecture is designed so that document analysis occurs within your organization's infrastructure. The AI models that process your documents run in your environment, not ours. We have no mechanism to retrieve or view the contents of any documents you upload.

This means attorney-client privilege and work product protections remain intact. Your confidential legal materials never leave your control.

Third-Party Services

We use a limited number of third-party services to operate our platform:

  • Analytics Providers — We use privacy-respecting analytics to understand how our marketing site and platform are used. No document content is ever shared with analytics providers.
  • Infrastructure Providers — Our cloud infrastructure partners are SOC 2-aligned and process data only as necessary to provide hosting and compute services.
  • Payment Processors — Billing information is handled by PCI-DSS compliant payment processors. We do not store credit card numbers on our systems.

We do not sell, rent, or share your personal information with third parties for their marketing purposes. Period.

Data Retention

We retain your account information for as long as your account is active or as needed to provide you services. If you close your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes such as resolving disputes.

Usage data and analytics are retained in anonymized, aggregated form and cannot be tied back to individual users after account deletion.

Your Rights

Regardless of where you are located, we provide all users with the following rights regarding their personal data:

  • Right to Access — You can request a copy of the personal data we hold about you.
  • Right to Deletion — You can request that we delete your personal data, subject to legal retention requirements.
  • Right to Portability — You can request your data in a structured, machine-readable format for transfer to another service.
  • Right to Correction — You can request that we correct any inaccurate personal data.
  • Right to Opt Out — You can opt out of non-essential communications at any time.

These rights are provided in accordance with applicable privacy regulations including the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR). To exercise any of these rights, contact us using the information below.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by email or through a prominent notice on our platform at least 30 days before the changes take effect.

We encourage you to review this policy periodically. Continued use of our services after changes become effective constitutes acceptance of the revised policy.

Contact Us

If you have questions about this privacy policy, want to exercise your data rights, or have concerns about how your information is handled, reach out to us:

Email: info@discoverlex.com

Phone: (337) 205-2288

We aim to respond to all privacy-related inquiries within 5 business days.