Privacy Policy

This policy applies to personal data processed by Juricloud while providing our SaaS applications, APIs, mobile experiences, onboarding, managed legal operations, or consulting engagements. It covers information relating to subscribers, advocates, client personnel, their customers, and visitors to our websites.

We collect data in three categories:

• Account & Billing Data: Name, business contact details, organization profile, billing information, invoicing history.
• Workspace Content: Documents, case files, evidence, comments, messages, and metadata uploaded or generated within the platform by you or your users.
• Operational Data: Device identifiers, IP address, location (approximate), usage logs, diagnostic events, support tickets, and configuration settings.

Sensitive or regulated information (e.g., privileged legal documents, client records) is processed solely under your direction as data controller.

Depending on your jurisdiction, we rely on: (a) performance of a contract, (b) compliance with legal obligations, (c) legitimate interests in delivering secure, reliable services, or (d) your consent (where required, such as for marketing or optional analytics). We will clearly identify when consent is sought and how it can be withdrawn.

• Provision, configuration, and maintenance of the Juricloud platform.
• Processing transactions, subscriptions, invoices, and compliance with our Terms of Service.
• Providing customer support, training, onboarding, and success services.
• Monitoring platform health, preventing fraud, detecting security incidents, and enforcing acceptable use.
• Improving features, developing AI-enabled enhancements, and generating de-identified analytics for legitimate business purposes.
• Sending product communications and service announcements. Marketing emails are optional and can be disabled at any time.

Juricloud implements a layered, zero-trust security model. Safeguards include:

• TLS 1.3 encryption in transit, customer-specific keys with AES-256 encryption at rest, and encrypted backups stored in separate availability zones.
• Role-based access control, granular permission sets, SSO/SAML support, multi-factor authentication, and automatic session hardening.
• Continuous vulnerability scanning, independent penetration testing, secure SDLC reviews, and 24/7 monitoring for anomalous behavior.
• Data segregation, audit trails, immutable logging, and tamper alerts to ensure evidence integrity.

If we detect unauthorized access, we will notify affected customers and regulators in accordance with applicable law.

Customers are responsible for defining access policies, managing user provisioning, and ensuring compliance with legal or professional obligations related to data uploaded into Juricloud. You must notify us immediately of any suspected credential compromise or misuse.

We retain personal data for as long as necessary to fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. Workspace content is retained according to the retention rules you configure. Upon termination or written request, we will delete or return Customer Data (subject to legal or archival requirements) within 30 days, following secure erasure protocols.

We do not sell personal information. We disclose data only to vetted subprocessors (cloud infrastructure, communications, billing) bound by confidentiality and data protection agreements. A current list of subprocessors is available on request. We may also disclose data to comply with lawful requests from public authorities or to protect our rights, users, or property.

Juricloud hosts data in secure data centers located in India and, where required by contract, in other regions. When personal data is transferred across borders, we implement appropriate safeguards such as Standard Contractual Clauses, data processing addenda, and regional segregation.

Subject to applicable law, you may request access, correction, deletion, restriction, or portability of your personal data. You can also object to certain processing or withdraw consent for marketing. Submit requests to privacy@juricloud.co. We will respond within the statutory timeframe.

We use cookies, device identifiers, and analytics SDKs to deliver core functionality, remember preferences, measure performance, and secure sessions. Non-essential cookies are used only with consent and can be managed through browser settings or in-app controls.

When powering AI or analytics features, we operate on encrypted data streams within secure compute environments. We may create aggregated, de-identified insights to improve our services or benchmarking. Such data cannot reasonably be re-linked to an identifiable individual.

Juricloud does not knowingly collect personal data from children under the age of 16. If we learn that such data has been provided without proper authorization, we will promptly delete it. Organizations using Juricloud must ensure their own compliance when processing minors’ information.

Juricloud uses Google OAuth to integrate Gmail functionality into our platform. This integration allows you to access, send, and manage your Gmail messages directly within Juricloud, streamlining your legal workflow. When you connect your Gmail account, we collect and process certain information in accordance with this section.

Information We Receive from Google

• Profile Information: Your name, email address, and Google account ID for account linking.
• Gmail Messages: Email content, attachments, metadata (sender, recipient, timestamps, subject lines) that you choose to access through Juricloud.
• OAuth Tokens: Access and refresh tokens to maintain your Gmail connection and enable seamless email operations.
• Account Permissions: Information about the Gmail scopes you have authorized for Juricloud to access.

How We Use Google OAuth Data

• To display your Gmail messages within the Juricloud platform for easy access and management.
• To enable you to send, reply to, and compose emails directly from Juricloud.
• To organize and categorize emails related to your legal cases and matters.
• To provide search and filtering capabilities across your Gmail messages.
• To attach email threads and messages as evidence or documentation to your cases.
• To sync email metadata for improved workflow automation and case management.

Data Sharing & Google's Privacy Policy

When you use Gmail integration, your use of Google's services is also governed by Google's Privacy Policy. We do not share your Gmail data with third parties. Your email content is processed solely to provide the integration features within Juricloud and is subject to the same security and encryption standards as all other data on our platform.

Data Storage & Retention

Gmail messages accessed through Juricloud may be cached temporarily to improve performance. Email attachments and threads that you explicitly save to cases are stored securely within your Juricloud workspace. We do not permanently store your entire Gmail mailbox on our servers unless you specifically choose to save individual messages or attachments.

Revoking Access

You can disconnect your Gmail account or revoke Juricloud's access at any time through your Google Account Permissions or from within your Juricloud account settings. Revoking access will disable Gmail integration features but will not affect your ability to use other Juricloud functionality. Any emails or attachments you previously saved to your cases will remain accessible.

We may update this policy to reflect legal, technical, or business developments. Material updates will be announced through the platform or by email, and the “Last updated” date will change accordingly. Continued use after updates constitutes acceptance.