Custody Commander
DRAFT — pending attorney review. This document is a working outline, not the final policy. Do not rely on it; the reviewed version will replace this page before launch.

Privacy Policy

Draft last updated June 2026.

What this policy will cover

Privacy is not a footnote for this product — our users store evidence, message archives, and case materials with us, often in situations where privacy is a safety issue. The reviewed policy will plainly state, at minimum:

1. What we collect

  • Account information (email, authentication data).
  • Case content you choose to upload: files, descriptions, tags, messages, and notes. This content frequently includes other people's words and images; we process it solely to provide the service to you.
  • Service and security logs (access logs, audit trail of actions on your case).
  • Billing information, processed by our payment provider — we do not store full card numbers.

2. How we use it

  • To provide the product: storage, organization, search, exports, and — where you use them — AI-assisted features such as text extraction and message review. AI processing is disclosed in-product and applies only to content you submit to those features.
  • We do not sell personal data. We do not use your case content for advertising. We will state explicitly whether and how any content is used to improve the service, with controls.

3. Where it lives and who can see it

  • US-region cloud infrastructure only; encryption in transit and at rest; access logging.
  • No employee access to case content without documented, consent-based support workflows.
  • Attorneys or advocates see your case only if you invite them, scoped to that case.

4. Legal process and subpoenas

Because we host evidence and message archives, we may receive legal demands — including from opposing parties in our users' cases. The final policy will state precisely what data exists, what we can and cannot produce, and how we respond to legal process, including notice to you where lawful. We will never market your records as "private from the court": records you create are generally discoverable from you regardless of where they're stored.

5. Deletion, retention, and export

  • You can export your complete case bundle at any time.
  • User-controlled deletion, including hard-delete of originals on request (with an export-first warning).
  • A stated retention window for closed accounts.

6. Safety-related practices

  • Notification content is configurable and conservative by default — no revealing subject lines.
  • Aggressive session timeouts; account changes require re-authentication and trigger alerts.

7. Contact

A designated privacy contact will be listed here before launch.