LegalIndia.ai← Home

Privacy Policy

Effective: 25 January 2025

1. Who We Are

LegalIndia.ai is operated by WeYou X Technologies Private Limited, a company incorporated under the laws of India. We provide sovereign legal intelligence services designed exclusively for legal professionals practicing in India.

Our platform helps lawyers conduct legal research, analyze cases, draft documents, and generate property opinions — all within a secure, private workspace that respects the confidentiality standards of the legal profession.

All your data stays in India. This is not a policy choice — it is an architectural guarantee. Our systems are built to ensure your professional data never leaves Indian jurisdiction.

2. Our Privacy Commitment

We understand that legal professionals handle sensitive, privileged information. Our privacy practices are designed with this reality in mind.

What This Means for You:

  • Your legal work belongs to you. The research you conduct, the documents you draft, the case strategies you develop — these remain in your private workspace, accessible only to you.
  • We do not read your cases. Our team cannot access your legal matter data without your explicit authorization tied to a specific support request you initiate.
  • We do not use your work to help others. Your case details, research patterns, and drafted documents are never used to train models that serve other users.
  • We do not sell data. We are a legal intelligence platform, not a data business. Our revenue comes from subscriptions, not from monetizing your information.

3. Information We Collect

3.1 Account Information

When you register, we collect your name, email address, and mobile number for account creation and authentication. We use OTP verification to secure your account.

Optionally, you may provide your Bar Council enrollment number for verification, your jurisdiction of practice, areas of specialization, and professional designation. This helps us provide more relevant legal intelligence.

3.2 Your Legal Work

When you use our platform, we process the information necessary to provide our services. This includes research queries you submit, case details you provide for analysis, documents you upload for processing (such as deeds, contracts, and pleadings), opinions and drafts we generate for you, and notes and annotations you create.

This data constitutes your professional workspace. It is stored in an isolated environment that only you can access. We treat all such information as potentially privileged and apply the highest confidentiality standards.

3.3 Usage Information

We automatically collect technical information necessary for security and service operation. This includes session timestamps, feature usage patterns (in aggregate form), device and browser information, and error logs for troubleshooting. We use this information to secure your account, prevent unauthorized access, and improve our platform. Individual usage patterns are not analyzed or profiled.

3.4 Payment Information

Subscription payments are processed through Razorpay, a PCI-DSS compliant payment gateway. We receive transaction confirmations and invoice details for our records. We never store your complete card numbers, CVV, or banking credentials.

4. How We Use Your Information

We use your information only for purposes that serve your professional needs:

  • Service Delivery: To provide the legal research, case analysis, document drafting, and opinion generation services you request. This is the core purpose of our platform.
  • Context Continuity: To remember your research history and maintain context across sessions. This means you do not need to re-explain your matters each time. Your accumulated context becomes an asset that makes the platform more useful over time.
  • Security: To verify your identity, protect your account from unauthorized access, detect suspicious activity, and maintain the integrity of your workspace.
  • Legal Compliance: To comply with applicable Indian laws, respond to lawful requests from competent authorities under due process, and fulfill our tax and regulatory obligations.
  • Service Improvement: To improve our platform using anonymized, aggregated data that cannot identify individual users or their specific legal matters. We analyze patterns across the platform to enhance our legal databases and algorithms.

5. Data Sovereignty

Data sovereignty is not a feature we offer — it is the foundation of our platform.

All personal data is processed and stored exclusively within the territory of India. Our systems are designed with hard boundaries that prevent data from leaving Indian jurisdiction under any circumstance. If a technical failure were to risk data leaving India, our systems halt entirely rather than process the request.

This approach ensures compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act), particularly Section 16 regarding data localization. It also ensures your data remains under Indian legal jurisdiction, protected by Indian law, and beyond the reach of foreign legal processes.

We maintain zero dependencies on foreign services in our data processing pipeline. Your legal work is processed by Indian-trained models on Indian infrastructure.

6. Data Security

We implement multiple layers of protection for your data:

  • Workspace Isolation: Your workspace is cryptographically separated from other users. This is a hard technical boundary — not a policy control. Other users cannot access your data, and their data cannot contaminate yours.
  • Encryption: All data is encrypted during transmission and while stored. Sensitive fields like identity documents receive additional encryption with separate keys.
  • Access Control: Only you can access your legal work. Our support team cannot view your case details without explicit authorization that you provide, tied to a specific support ticket, and logged in our audit system.
  • Audit Trail: All access to your data is logged. These logs are maintained in tamper-resistant storage and retained for seven years per statutory requirements.
  • Security Testing: We conduct regular security assessments and maintain our systems according to ISO 27001:2022 standards.

7. Data Retention

Data TypeRetentionReason
Account DataUntil you deleteService provision
Your Legal WorkYou controlYour private workspace
Research HistoryYou controlContext continuity
Security Audit Logs7 yearsIT Act 2000 compliance
Payment Records8 yearsGST and Income Tax
Session Data24-48 hoursPerformance only

When you delete your account, we remove your personal data and legal work within 30 days, except where retention is required by law.

8. Your Rights Under DPDP Act 2023

As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the following rights:

  • Right to Access: You may request a summary of your personal data being processed, the purposes for which it is processed, and the categories of entities with whom it has been shared.
  • Right to Correction: You may request correction of inaccurate personal data, completion of incomplete data, and updating of outdated information.
  • Right to Erasure: You may request deletion of your personal data when it is no longer necessary for the purpose it was collected, or when you withdraw consent.
  • Right to Withdraw Consent: You may withdraw your consent for any specific processing at any time. Withdrawal does not affect the lawfulness of processing conducted before withdrawal.
  • Right to Grievance Redressal: You may lodge a complaint with our Data Protection Officer. If you are not satisfied with our response, you may escalate to the Data Protection Board of India.
  • Right to Nominate: You may nominate another individual to exercise your rights in the event of your death or incapacity.

To exercise any of these rights, contact our Data Protection Officer at dpo@legalindia.ai. We will respond within 30 days.

9. Information Sharing

We share your information only in limited circumstances:

Service Providers

We work with carefully selected partners who help us operate the platform. These include authentication services for secure login, SMS providers for OTP delivery, and payment processors for subscription handling. Each provider is contractually bound to use your data only as we instruct and to maintain appropriate security measures.

Legal Requirements

We may disclose your information when required by Indian law, court order, or a valid request from a competent authority. In such cases, we will notify you unless legally prohibited from doing so. We will challenge requests we believe are overly broad or improper.

What We Never Do

  • We never sell your personal data to anyone.
  • We never share your legal work with other users or third parties.
  • We never provide your information to advertisers or marketing companies.
  • We never use your case details to train models that serve other users.

10. Cookies and Similar Technologies

We use cookies to operate and secure the platform:

  • Essential Cookies: Necessary for authentication, session management, and security. You cannot disable these while using the platform.
  • Preference Cookies: Remember your settings such as language preference and display options. They make your experience more convenient but are not strictly necessary.
  • Analytics Cookies (Optional): If you consent, we use analytics to understand how the platform is used in aggregate. This helps us improve our services. These cookies do not track you across other websites.

We do not use advertising cookies, cross-site tracking, or browser fingerprinting. You can manage cookies through your browser settings.

11. Children's Privacy

LegalIndia.ai is designed for licensed legal professionals. We do not knowingly collect personal data from individuals under 18 years of age. If we discover that we have inadvertently collected such data, we will delete it promptly.

12. For Users Outside India

LegalIndia.ai is designed for legal professionals practicing in India. If you access our platform from outside India, please be aware that your data will be transferred to and processed in India, our platform is optimized for Indian legal practice, and Indian law governs all data processing.

We recommend that legal professionals outside India use platforms designed for their jurisdiction.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or services. When we make material changes, we will notify you via email at least 30 days before they take effect, post a prominent notice on the platform, and provide an opportunity to review the changes.

Your continued use of the platform after the effective date constitutes acceptance of the updated policy. If you disagree with the changes, you may delete your account before the effective date.

The effective date at the top of this policy indicates the current version.

14. Legal Basis for Processing

Under the DPDP Act 2023, we process your data based on the following grounds:

  • Consent: Your explicit, informed consent obtained at registration and for specific processing activities. You may withdraw consent at any time.
  • Contractual Necessity: Processing required to provide the services you have subscribed to.
  • Legal Obligation: Processing required to comply with Indian law, including maintaining records for statutory periods and responding to lawful requests.
  • Legitimate Interests: Limited processing for security, fraud prevention, and service improvement, conducted with appropriate safeguards.

15. Contact Us

Data Protection Officer
Email: dpo@legalindia.ai
Response time: Within 7 business days

General Support
Email: support@legalindia.ai
For account, billing, and technical assistance

If you are not satisfied with our response to your privacy concern, you may escalate to the Data Protection Board of India as established under the DPDP Act 2023.

This Privacy Policy is governed by the laws of India. Any disputes shall be subject to the exclusive jurisdiction of courts in India.
DPDP Act 2023 Compliant · IT Act 2000 Section 43A · ISO 27001:2022