Privacy Policy
Effective Date: July 2026
At Judicio, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered legal intelligence platform.
1. Information We Collect
1.1 Personal Information
We may collect personal information that you voluntarily provide to us when you:
- Register for an account
- Subscribe to our services
- Contact our support team
- Participate in surveys or promotions
This may include your name, email address, phone number, billing information, and professional details.
1.2 Usage Data
We automatically collect certain information when you access our platform, including your IP address, browser type, operating system, access times, and the pages you view.
1.3 Document Data
When you use our document review and analysis features, we process the documents you upload. We treat this data with the highest level of confidentiality.
1.4 Payment Information
Payment card details are collected and processed directly by our payment providers — Razorpay for customers in India and Dodo for international customers — and are never stored on Judicio's systems. We retain only the billing records needed for invoicing, tax, and accounting purposes.
2. Data from Connected Accounts (Google and Microsoft)
Judicio lets you optionally connect third-party accounts so your own emails and files can be used as sources inside the product. These connections are always initiated by you, are read-only, and can be revoked at any time.
- Google Drive: when you import files, Judicio accesses only the specific files you pick through Google’s file picker (the
drive.filescope), to bring those documents into your workspace for review and analysis. - Gmail: if you connect Gmail, Judicio’s Research feature can search your messages (the
gmail.readonlyscope) so relevant emails can be surfaced and cited alongside your legal research. Judicio reads messages only to return and cite the search results you request. - Microsoft OneDrive, SharePoint, and Outlook: equivalent read-only access to the files and mail you choose to import or search.
Content retrieved from a connected account is used solely to provide the feature you invoked (file import, or email search and citation) and is handled under the confidentiality and security controls described in this policy. We do not use this data for advertising, we do not sell it, and we do not allow humans to read it except where you explicitly request support, where required for security or to comply with law, or where the data has been aggregated or anonymised. OAuth access and refresh tokens are encrypted at rest, are never exposed to your browser, and are deleted when you disconnect the account.
2.1 Google API Limited Use
Judicio’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
2.2 Revoking Access
You can disconnect a linked account at any time from your Judicio settings, or from your Google Account permissions page at myaccount.google.com/permissions. Disconnecting deletes the stored tokens for that account.
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain our services
- Process transactions and send related information
- Improve and personalize your experience
- Develop new products and features
- Communicate with you about updates, security alerts, and support
- Detect and prevent fraud and abuse
- Comply with legal obligations
No AI training on your content: we do not use the documents you upload, the prompts you submit, or the outputs generated for you to train AI models — ours or anyone else's. Your content is processed solely to deliver the features you invoke and remains yours.
4. Data Security
We implement industry-standard security measures to protect your information, including:
- End-to-end encryption for data in transit and at rest
- Regular security audits and penetration testing
- Access controls and authentication mechanisms
- Secure data centers with physical security measures
- Employee training on data protection practices
5. Data Sharing and Disclosure
We do not sell your personal information. We may share your information only in the following circumstances:
- Service Providers: With trusted third parties who assist in operating our platform
- Legal Requirements: When required by law, regulation, or legal process
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Consent: With your explicit consent
The service providers (subprocessors) we rely on fall into the following categories: cloud hosting and infrastructure (Google Cloud Platform), authentication (Clerk), payment processing (Razorpay and Dodo), email and notification delivery, and AI model providers that process your content under contractual terms prohibiting its use for model training. Each provider receives only the information necessary to perform its function and is bound by confidentiality and data protection obligations.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your personal data
- Restriction: Request limitation of processing
- Portability: Request transfer of your data to another service
- Objection: Object to certain processing activities
To exercise any of these rights, email us at privacy@judicio.ai. We will respond within 30 days (one month) as required under the GDPR and India's Digital Personal Data Protection Act, 2023. You also have the right to lodge a complaint with your local data protection or supervisory authority.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Upon account termination, we will delete or anonymize your data within 90 days, except where retention is required for legal purposes.
8. Cookies and Tracking
We use cookies and similar technologies to:
- Keep you logged in to your account
- Remember your preferences and settings
- Analyze how our platform is used
- Measure the effectiveness of our advertising
- Improve our services
For advertising measurement, our websites use the Reddit advertising pixel, which sets the _rdt_uuid and _rdt_cid cookies, and the LinkedIn Insight Tag, which sets cookies such as li_fat_id and a pseudonymous LinkedIn Ads ID. These help us attribute visits, sign-ups, and demo requests to our ad campaigns and are shared with Reddit and LinkedIn respectively for ad conversion measurement. We also set first-party cookies (_judicio_attr, _li_fat_id, _rdt_cid) to remember which campaign brought you to us.
You can control cookie preferences through your browser settings.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your own, including outside the European Economic Area (EEA), the United Kingdom, and India. Where we transfer personal data across borders, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, adequacy decisions, or comparable mechanisms required under applicable data protection laws.
10. Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our platform and updating the effective date. Your continued use of our services after such changes constitutes acceptance of the updated policy.
12. Legal Bases for Processing and Your GDPR / DPDP Rights
Where the EU/UK General Data Protection Regulation (GDPR) applies, we process your personal data only when we have a valid legal basis to do so:
- Contract: to provide the services you have requested and fulfil our agreement with you;
- Legitimate interests: to operate, secure, and improve our platform, provided your rights do not override these interests;
- Consent: where you have given us permission, for example for certain marketing communications (you may withdraw consent at any time);
- Legal obligation: to comply with applicable laws, regulations, and lawful requests.
If you are located in India, we process your personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act). As a Data Principal, you have the right to access, correct, update, and erase your personal data, to nominate another individual to exercise your rights, and to grievance redressal. We rely on your consent or other legitimate uses permitted under the DPDP Act.
You may also lodge a complaint with your competent supervisory authority — a data protection authority in the EEA, the Information Commissioner's Office (ICO) in the United Kingdom, or the Data Protection Board of India.
13. Grievance Officer and Contact
If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or want to raise a concern, please contact our data protection team. We will acknowledge and address grievances within the timelines required by applicable law.
- Data Protection & Privacy: privacy@judicio.ai
- General Support: help@judicio.ai
- Entity: SCRAPEGG SOFTWARE PRIVATE LIMITED (Judicio.ai), Bengaluru, Karnataka, India
- Contact form: judicio.ai/contact