YourLegalAITools Home

Privacy Policy

Effective date: June 21, 2026

This Privacy Policy explains how YourLegalAITools (“YourLegalAITools,” “we,” “us,” or “our”) collects, uses, discloses, retains, and safeguards information in connection with the website at yourlegalaitools.com and the related evidence-extraction services (collectively, the “Service”). By creating an account or using the Service, you acknowledge the practices described here.

Sensitive data you upload

The Service processes communications data you choose to upload (for example, phone-backup files containing other people’s messages). You are the controller of that data. You must have a lawful basis and all necessary authority, rights, or consents to upload and process it. See our Terms & Conditions.

1. Information we collect

Account information

When you register, our identity provider (Amazon Cognito) stores your name, email address, and authentication credentials. We do not store your password in plaintext.

Uploaded content (“Customer Data”)

The backup files you upload and the reports we generate from them. These may contain message text, timestamps, phone numbers, contact names, and attachment metadata. Customer Data is automatically and permanently deleted from active storage 24 hours after creation (see “Data retention”).

Decryption keys

If you provide a WhatsApp decryption key, it is held only transiently in memory and a short-lived secret to perform the extraction. It is never written to our database and never logged, and it is destroyed as soon as the job completes or the 24-hour window closes.

Payment information

Payments are processed by Stripe. We do not receive or store your full card number. We retain payment metadata (amount, status, timestamp, what was unlocked, and any promotional code applied) for accounting and audit purposes.

Operational records

We retain a non-content audit record of each job — integrity hashes, message counts, source file name and size, provenance header, and timestamps — even after the underlying files are purged.

Technical data

Standard server and security logs (such as request metadata and error diagnostics) and authentication tokens stored in your browser to keep you signed in.

2. How we use information

  • To provide, operate, secure, and improve the Service;
  • To perform the extraction you request and generate your reports;
  • To process payments and apply discount codes;
  • To maintain an auditable, tamper-evident record of extractions;
  • To communicate with you about your account, transactions, and support requests;
  • To detect, prevent, and respond to fraud, abuse, and security incidents;
  • To comply with legal obligations and enforce our Terms.

We do not sell your personal information or Customer Data, and we do not use Customer Data to train machine-learning models.

3. Data retention & deletion

  • Uploaded files and generated reports: permanently deleted from storage 24 hours after creation, via an automated lifecycle rule plus a scheduled cleanup process. You may also delete them manually at any time.
  • Decryption keys: destroyed on job completion or at the 24-hour boundary, whichever is first.
  • Audit records and payment metadata: retained for as long as needed for accounting, legal, and audit purposes.
  • Account information: retained until you delete your account.

4. How information is shared

We share information only with service providers (“sub-processors”) that help us run the Service, and only as needed:

  • Amazon Web Services — cloud hosting, storage, database, authentication, and compute;
  • Stripe — payment processing.

We may also disclose information if required by law, subpoena, or other legal process, or to protect the rights, safety, and security of users, the public, or YourLegalAITools. If we are involved in a merger, acquisition, or asset sale, information may be transferred subject to this Policy.

5. Security

We use industry-standard safeguards, including encryption in transit and at rest, private storage with short-lived access links, least-privilege access controls, and per-account isolation. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

6. Your choices & rights

You can access and update your profile, change your password, enable multi-factor authentication, download your reports during the 24-hour window, delete files immediately, and delete your account from the account dashboard. Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of personal data; to exercise them, contact us at the address below.

7. Cookies & local storage

We use browser local storage to hold authentication tokens that keep you signed in. We do not use third-party advertising or cross-site tracking cookies.

8. International users

The Service is operated in the United States. If you access it from elsewhere, you consent to the transfer and processing of information in the United States.

9. Children

The Service is intended for legal and business professionals and is not directed to anyone under 18. We do not knowingly collect information from children.

10. Changes to this Policy

We may update this Policy from time to time. Material changes will be posted here with a revised effective date. Continued use after changes constitutes acceptance.

11. Contact

Questions or requests: support@yourlegalaitools.com.