How we handle information, plainly stated.

LegalLady AI (“we,” “us,” “our”), a California company, operates the legallady.ai and app.legallady.ai websites, our iOS and Android mobile applications, and any future applications or services (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect information when you use our Service across any platform, whether you are a law firm subscriber, a team member, or a consumer interacting with an AI chat or voice agent deployed by a law firm through our platform.

Account and Organization Information

Name, email address, phone number, organization name, role, and billing information provided during registration and account setup.

Chat Widget Data

When website visitors interact with an AI chat widget deployed by a law firm, we collect the conversation content, visitor name and contact information (if provided), IP address, browser type, and referring URL.

Voice and Call Data

For AI voice agent interactions, we collect call recordings, call duration, phone numbers, transcripts, and metadata associated with inbound and outbound calls.

Usage and Analytics Data

We collect information about how you use the platform, including pages visited, features used, actions taken, device information, and performance metrics.

Lead and CRM Data

Information captured through intake workflows, including lead details, booking information, case type, and notes added by law firm staff.

• Provide, operate, and maintain the Service
• Process and manage AI chat and voice interactions
• Improve our AI models and service quality
• Generate analytics and reports for law firm subscribers
• Process billing and subscription management
• Send service-related notifications and updates
• Provide customer support
• Detect and prevent fraud, abuse, or security incidents
• Comply with legal obligations

LegalLady.AI shares personal information with third-party service providers acting as subprocessors. These providers are engaged across the following service categories:

• Telecommunications and voice infrastructure — call origination, routing, SMS delivery
• Calendar integration — read/write calendar events on customer firm’s behalf
• Transactional email service — delivery of platform-generated notifications and customer firm-initiated email
• AI and language model services — transcription, summarization, and conversational intelligence
• Voice synthesis — text-to-speech for outbound calls
• Payment processing — subscription billing
• Cloud infrastructure — hosting, storage, compute
• Analytics — product usage and performance metrics

Each subprocessor is bound by contractual obligations to process personal information only on LegalLady.AI’s instructions and in accordance with this Privacy Policy. LegalLady.AI does not publicly disclose the identity of specific subprocessors. A current subprocessor list is available to customer firms under a mutual non-disclosure agreement; contact legal@legallady.ai to request one.

We do not sell your personal information. We share data only in the following circumstances:

• With third-party service providers as described above, solely to operate the Service
• With the law firm whose AI agent you interacted with (for consumer visitors)
• When required by law, subpoena, or legal process
• To protect the rights, safety, or property of LegalLady AI, our users, or the public
• In connection with a merger, acquisition, or sale of assets (with prior notice)

When a customer firm uses LegalLady.AI to place or receive calls or text messages, LegalLady.AI may record, transcribe, and store the content of those communications on the firm’s behalf. The legal basis for this processing is the customer firm’s instruction and the customer firm’s representations that all necessary consents have been obtained from the individual being contacted.

LegalLady.AI acts as a data processor for these communications; the customer firm acts as the data controller. The customer firm is responsible for providing all required notices and obtaining all required consents under federal or state law (including but not limited to the California Invasion of Privacy Act, the wiretapping statutes of two-party-consent states, and other applicable recording-consent regimes) before any call is recorded.

Conversations between website visitors and AI chat agents are stored and made available to the law firm subscriber through the LegalLady AI dashboard. Chat transcripts may contain personal information voluntarily provided by the visitor. This data is treated as Customer Data owned by the law firm subscriber.

Call recordings, transcripts, message content, and associated metadata are retained for the duration of the customer firm’s active subscription and for up to ninety (90) days after termination, after which they are permanently deleted from our active systems. Backup copies are deleted on a rolling basis in accordance with our standard backup rotation schedule. Customer firms may request earlier deletion of specific records by contacting support@legallady.ai. We may retain certain data longer as required by law or for legitimate business purposes such as resolving disputes.

Individuals who have been called, messaged, or otherwise contacted through the LegalLady.AI platform may exercise their rights under applicable privacy law (including the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), the General Data Protection Regulation (“GDPR”) where applicable, and similar state and international privacy laws) by contacting the customer firm directly. LegalLady.AI will support customer firms in fulfilling these requests but does not maintain a direct relationship with end-users contacted through the platform.

When our platform places outbound calls on behalf of a law firm subscriber, we collect and store the phone number called, call duration, call recording (if enabled), transcript, and outcome. Outbound calls are only placed to individuals who have provided prior express consent through a lead intake form or equivalent opt-in mechanism.

Recipients of outbound calls may request to be added to a do-not-call list by informing the AI agent during the call or by contacting the law firm directly. Law firms are responsible for maintaining their own do-not-call lists and honoring opt-out requests.

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request what personal information we have collected about you
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, contact us at privacy@legallady.ai. We will respond within 45 days.

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdiction with data protection laws, you may have additional rights regarding your personal data, including:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to data portability
• Right to object to processing

LegalLady AI processes data based on the following legal bases: (a) performance of a contract (providing the Service); (b) legitimate interests (improving and securing the Service); and (c) consent (where applicable).

To exercise any GDPR rights, contact us at privacy@legallady.ai. We will respond within 30 days.

Law firms using LegalLady AI to process client or prospective client data may require a Data Processing Agreement (DPA) to comply with their ethical obligations and applicable data protection laws. We make a standard DPA available upon request.

To request a DPA, contact us at privacy@legallady.ai.

Law firms are responsible for ensuring their use of LegalLady AI complies with applicable legal ethics rules, including rules governing client confidentiality, data security, and the use of technology in legal practice.

We implement industry-standard security measures to protect your data, including encrypted data transmission (TLS), secure database storage, JWT-based authentication, role-based access controls, and regular security reviews. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

When consumers interact with AI chat or voice agents deployed through the LegalLady AI platform, the AI agent’s greeting is configured to identify itself as an AI assistant. Law firms are required under our Terms of Service to maintain this disclosure and ensure consumers are aware they are communicating with an artificial intelligence system, not a human attorney or staff member.

Information shared during AI interactions is stored securely and made available to the subscribing law firm. Consumers should not share sensitive personal information (such as Social Security numbers, financial account numbers, or privileged legal communications) through AI chat or voice agents.

The Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@legallady.ai.

We use cookies and similar technologies to maintain your session, remember preferences, and collect usage analytics. The chat widget deployed on law firm websites may also use cookies to maintain conversation state. You can control cookie settings through your browser, but disabling cookies may affect functionality.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or through the platform and update the effective date at the top of this page. We encourage you to review this policy periodically.

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at: