BenchSightby A.I. Esquire
Legal

Privacy Notice

Last updated: April 17, 2026 · v0.2 (Beta)

1. Who we are

BenchSight is a product of A.I. Esquire, Inc. ("BenchSight", "we", "us"). A.I. Esquire, Inc. is the data controller for personal data processed through the BenchSight service. Contact: privacy@benchsight.app.

2. Categories of personal data we collect

  • Account data: email, full name, bar number, bar state, firm name, jurisdictions of practice, hashed password (or OAuth identifier).
  • Usage data: briefs you generate, judges and counsel you save to a watchlist, search queries, application logs, device identifiers, and IP address.
  • Contributed content: case outcomes you submit (some fields encrypted at rest).
  • Support and communication data: messages you send to support and any attachments.
  • Billing data: handled by our payment processor Paddle (see Section 5). We receive limited billing metadata (subscription status, plan, renewal date) — not your full card number.

3. Purposes and legal bases

We process personal data on the following legal bases (UK/EEA users — analogous bases apply in other jurisdictions):

  • Performance of contract: to create and operate your account, deliver briefs and analytics, and provide customer support.
  • Legitimate interests: to secure the service against fraud and abuse, debug errors, improve the product, and produce aggregated, anonymized statistics from contributed case outcomes.
  • Legal obligation: to comply with tax, accounting, and lawful requests from authorities.
  • Consent: for any optional marketing communications and any non-essential cookies. You may withdraw consent at any time.

4. What we don't do

We do not sell your personal data. We do not share your individual briefs or raw contributions with third parties. We do not train external AI models on your data without explicit opt-in. Contributed case outcomes are aggregated anonymously into judge and counsel statistics — your name is never linked to a specific outcome shown to other users.

5. Who we share data with

  • Paddle.com Market Limited (Paddle): our Merchant of Record for sale of subscriptions. Paddle processes your billing details, handles payments, sales tax/VAT compliance, invoicing, refunds, and related customer service. Paddle is an independent data controller for payment-related data. See Paddle's Privacy Policy.
  • Hosting and infrastructure: Lovable Cloud (database, authentication, file storage, edge functions).
  • AI providers: Lovable AI Gateway is used to generate brief narratives. Prompts contain only the parameters you selected (judge, counsel, case type) — not your private notes.
  • Email and support tooling: transactional email and support providers, used solely to communicate with you.
  • Public data sources: we read from CourtListener for federal judge and attorney data; we do not send your personal data there.
  • Professional advisers and authorities: legal, accounting, and regulatory bodies where required by law.

6. International transfers

Our hosting infrastructure and Paddle's processing may transfer personal data outside your country of residence, including to the United States, the United Kingdom, and the European Economic Area. Where required, transfers are protected by Standard Contractual Clauses, adequacy decisions, or equivalent safeguards.

7. Data retention

  • Account data: retained for the life of your account. Deleted within 30 days after you close your account.
  • Briefs and watchlist: retained while your account is active; deleted with your account.
  • Raw contributed case outcomes: deleted within 30 days of account closure. Aggregated, anonymized statistics derived from contributions may persist indefinitely as they no longer identify you.
  • Application and security logs: up to 90 days.
  • Billing and tax records: retained by us and Paddle for the period required by law (typically up to 10 years for tax records).
  • Support correspondence: up to 24 months after the issue is resolved.

8. Your rights

Depending on where you live, you have the right to access, correct, delete, port, restrict, or object to our processing of your personal data, and to withdraw consent at any time. UK/EEA residents also have the right to lodge a complaint with their supervisory authority. We respond to verified requests within one month. To exercise any of these rights, email privacy@benchsight.app or delete your account from Settings.

9. Security

We use appropriate technical and organisational measures to protect personal data, including TLS in transit, encryption at rest for sensitive contribution fields, row-level security so users can only access their own rows, hashed passwords, and least-privilege access for staff. No system is perfectly secure; if we become aware of a breach affecting your data we will notify you and the relevant authorities as required by law.

10. Cookies

We use strictly necessary cookies for authentication and session management. We do not currently use advertising cookies. If we add analytics or marketing cookies, we will request your consent and you will be able to manage preferences.

11. Changes

If we materially change this Notice, we will update the "Last updated" date and, where appropriate, notify you by email or in-app message.

12. Contact

A.I. Esquire, Inc. · privacy@benchsight.app