🔒

Zero-Retention Architecture

Files are processed in RAM only — never written to disk. This is a technical guarantee, not a marketing claim.

Legal

Privacy Policy

Last updated: May 2, 2026 · Governing jurisdiction: Florida, USA

1. Scope

This Privacy Policy applies to all products in the ShieldDrop Legal Suite — ShieldDrop, CaseBrief, TrialMind, VaultDictate, VaultNotes, DocketForge, RedactAI, DeadlineCalc, ChainKeep — and all web properties at shielddroplegal.com.

2. Files You Upload — Zero Retention

Processed in RAM only. No uploaded file is ever written to disk, database, or object storage.
Never read by humans. Processing is fully automated. No employee can access your file content.
Destroyed after delivery. Memory is discarded the moment your processed file is returned to your browser.
No fingerprints retained. We do not store file names, sizes, checksums, or any file-identifying metadata.

This architecture is compatible with attorney-client privilege and work product doctrine requirements.

3. Account and Subscription Data

For paid subscribers we store: email address (billing/notifications), Stripe payment tokens (never raw card data), subscription status, and plan tier. Referral codes are stored in your browser localStorage only.

4. AI Tools — CaseBrief, TrialMind, LexAI

Text you paste into AI tools is sent to third-party LLM APIs (Google Gemini → Groq → OpenRouter) to generate analysis. We recommend: do not paste real client names, SSNs, or case numbers. Use pseudonyms. We do not store AI inputs or outputs beyond your active session.

5. Analytics and Cookies

We use minimal analytics for aggregate performance metrics only — no behavioral profiling, no advertising cookies, no cross-site tracking. Cookies: session auth (expires on close), Stripe payment tokens, localStorage values (theme, audit log, referral code — never transmitted).

6. Third-Party Service Providers

StripePaymentsEmail, payment tokens

ResendTransactional emailEmail, subscription events

Google GeminiAI analysisText pasted into AI tools

GroqAI fallbackText pasted into AI tools

RailwayHostingServer logs (no file content)

7. Security

All data in transit is TLS 1.2+ encrypted. Infrastructure is hosted on Railway in the US. Production access requires MFA and least-privilege controls. Because we do not store your files, the attack surface for a client document breach is eliminated at the architecture level.

8. Your Rights

Access: Email privacy@shielddroplegal.com to receive all account data we hold.
Deletion: Request account deletion anytime. Data removed within 30 days (subject to legal retention obligations).
CCPA: We do not sell your personal information. Contact us for CCPA requests.

9. Children's Privacy

The Service is intended for legal professionals 18+. We do not knowingly collect data from minors.

10. Changes

Material changes communicated to subscribers 14 days before effect. Continued use constitutes acceptance.

11. Contact

Privacy: privacy@shielddroplegal.com

Legal: legal@shielddroplegal.com