Privacy Policy

What we collect

Categories of personal information we collect:

• Identifiers — your name and email address.
• Account credentials — a hashed password (we never store your plaintext password).
• User-submitted content — the motion or brief text you paste into the grader, stored on your account so you can revisit and manage your runs.
• Verification and grading results — extracted citations with CourtListener lookup results (verified / hallucinated / unknown status) and LexGrade Standard scores produced by the AI grader.
• Internet and network activity — IP address, browser user-agent, and timestamps, used only for rate-limiting and security.

Why we collect it

To provide citation verification and LexGrade Standard grading, and to let you revisit your past runs. That’s the only purpose. We do not sell your personal information, share it with advertisers, or use it to train any model. We do not have an advertising network.

We do not sell or share your personal information.

What we share, and what we don't

The following third-party service providers (“subprocessors”) receive data on our behalf to operate LexGrade. They are contractually prohibited from using that data for their own purposes.

• Anthropic receives the full text of your pasted motion to produce the LexGrade Standard grade. Anthropic retains API inputs for approximately 30 days for trust-and-safety review and then deletes them. Anthropic’s policy states API data is not used to train its models. Deleting your LexGrade account removes your text from our database, but Anthropic’s 30-day retention window runs independently under its own policy. See Anthropic’s Privacy Policy.
• CourtListener / Free Law Project receives the parsed citation triples — volume, reporter, and page number — for each citation we look up on your behalf. The full text of your motion is never sent to CourtListener. Only the structured citation data goes off-platform. See Free Law Project’s Privacy Policy.
• Resend delivers transactional email (password resets, account notifications). Resend receives your email address and the content of those messages. See Resend’s Privacy Policy.
• Stripe processes payments for grading credits. Stripe receives payment-card details directly; LexGrade never sees or stores raw card numbers. See Stripe’s Privacy Policy.
• Laravel Cloud hosts the LexGrade application and database. Your data resides on Laravel Cloud’s managed infrastructure in the United States. See Laravel’s Privacy Policy.
• Cloudflare provides DNS and CDN services. Cloudflare sees request metadata (IP addresses, URLs, headers) at the network edge but does not receive the body of your pasted motion text. See Cloudflare’s Privacy Policy.
• Law enforcement — only when we receive a valid legal demand. We do not voluntarily share user data with government agencies.

AI grading disclosure

When you submit a motion for grading, the full text of your submission is sent to Anthropic’s API to produce a LexGrade Standard score and technique-register assessment. This is a core part of the service. If you do not want your text processed by an external AI provider, do not use the grading feature; the citation-verification step alone does not send your motion text to Anthropic.

Deleting a grading run from LexGrade removes it from our database. Anthropic independently retains API inputs for approximately 30 days under its own data-retention policy before deletion. LexGrade does not control Anthropic’s retention schedule.

Retention

We keep your data until you delete it. There is no automatic retention period; if you stop using LexGrade and never delete your account, your data persists until you act. We may purge obviously-spam accounts (no logins for 24+ months and zero verifications) at our discretion.

When you delete a run it is removed from your account immediately. On our servers it is soft-deleted and held for a 30-day window as a recovery safety net — there is no self-service Trash or Restore; recovery within that window is operator-assisted only. Once the 30 days lapse, a scheduled job hard-deletes the row and the run cannot be recovered. Whole-account deletion is immediate and skips the recovery window entirely.

Retention window, precisely: soft-deleted runs are hard-deleted 30 days after deletion via a scheduled job (grader:purge-trash) that runs daily at 03:15 UTC. Day 31 they're gone. The cutoff is exact, not approximate — the job hard-deletes any row whose deleted_at timestamp is older than 30 days.

Training, aggregation, and research

User-submitted motion text is never used for training, aggregation, or research without explicit opt-in. We do not feed your motions into model fine-tuning, derive aggregate datasets from them, or share them with researchers. If we ever want to do any of those things, it will be an opt-in checkbox on a feature you choose to enable — never a buried clause in a Terms update. The LexGrade Standard this service grades against is open and reproducible; your text stays yours.

Incident disclosure

If we detect unauthorized access to personal data, we notify affected users within 72 hours of confirmation. Notification goes to the email address on the affected account and includes: what we know, what we don't yet know, what data was reached, what we're doing about it, and what you should do. We do not wait for the full forensic picture before making contact — partial information delivered promptly is more useful than complete information delivered late.

Data export

You can download a complete machine-readable copy of every record we hold on you at any time. The export includes your profile, every grading run (including soft-deleted runs in the 30-day recovery window), and API token metadata. It deliberately excludes the password hash and any plaintext API tokens — the file is data, not credential material.

No API token needed: sign in at api.lexgrade.com/profile and click Download my data in the Data & Privacy section. The file downloads directly in your browser.

Alternatively, generate an API token from your Profile page, then run:

curl -H "Authorization: Bearer <token>" \
     https://api.lexgrade.com/v1/user/export \
     -o lexgrade-export.json

The response is streamed JSON with Content-Disposition: attachment, so a browser request to the same URL also downloads the file directly. The export is generated on demand — there is no background job, no waiting queue, and no email handoff.

Your rights (California and beyond)

Under the California Consumer Privacy Act (CCPA) as amended by the CPRA, California residents have the rights described below. LexGrade honors these rights for all users regardless of location.

• Right to know / Right to access — you can request disclosure of the categories and specific pieces of personal information we have collected about you. Email hello@lexgrade.com with the subject line “Data access request”; we’ll respond within 45 days with a JSON export. Or use the in-app Download my data button.
• Right to deletion — you can delete any individual verification run from its detail page, and you can delete your whole account (which removes all your runs) from your Profile page after logging in. No “talk to support” loop. Note: deleting from LexGrade removes your data from our systems; upstream providers such as Anthropic may retain data briefly per their own policies.
• Right to correct — you can edit your name and email from your Profile page. To correct other data, email hello@lexgrade.com.
• Right to portability — you can download a complete JSON export of every record we hold on you from the Data export section above. If you’d rather not use the in-app tool, email hello@lexgrade.com with the subject “Data export request” and we will send you the same file by hand.
• Right to opt out of sale or sharing — we do not sell or share your personal information for cross-context behavioral advertising, so no opt-out mechanism is required. If this ever changes, we will update this policy and provide an opt-out before the change takes effect.
• Right to non-discrimination — exercising any privacy right will not result in different service levels or pricing.
• Right to limit use of sensitive personal information — we do not collect or use sensitive personal information (as defined by CPRA) beyond what is necessary to provide the service.
• Right to object / restrict processing — if you want us to stop processing your data without deleting it (for example, to preserve evidence in pending litigation), email hello@lexgrade.com.

To exercise any of these rights, contact us at hello@lexgrade.com. We will respond within 45 days. We may ask you to verify your identity before fulfilling a request.

How to delete your data

1. Sign in at api.lexgrade.com.
2. To delete a single verification run: open the run, click Delete run. It is removed from your account immediately, then permanently purged from our servers after the 30-day recovery window described above.
3. To delete your whole account and every run: open Profile, scroll to “Delete account,” confirm. This is permanent and cannot be undone (no Trash step).
4. If you can’t sign in and need help deleting an account, email hello@lexgrade.com from the email address on the account.

Children

LexGrade is not directed to children under 13 and we do not knowingly collect data from children under 13. If you believe a child has created an account, email us and we will delete it.

Changes to this policy

If we change this policy in a way that materially affects how we handle your data, we will surface the change on the site and (if you have an account) by email before the change takes effect. The Last updated date at the top of this page always reflects the current version.

Contact

Questions about this policy, requests to exercise your rights, or anything else: hello@lexgrade.com. We respond within 45 days, usually within 48 hours.