Privacy Policy
Last updated: March 2026
CaseSolo (“we,” “our,” or “us”) is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, store, and share information when you use the CaseSolo platform, website, and related services (collectively, the “Service”). By using the Service, you agree to the practices described in this policy.
CaseSolo is an AI-native case management platform designed for personal injury law firms. We understand the sensitive nature of legal data and take our obligations seriously.
1. Information We Collect
1.1 Information You Provide
- Account Information: Name, email address, phone number, law firm name, bar number (if applicable), and billing address when you create an account.
- Payment Information: Credit card details and billing information, processed and stored securely by our payment processor, Stripe. We do not store your full credit card number on our servers.
- Case Data: Information you upload or enter into the Service, including case details, client information, medical records, documents, notes, and correspondence.
- Communications: Messages you send to us through support channels, feedback forms, or email.
1.2 Information Collected Automatically
- Usage Data: Pages visited, features used, actions taken, timestamps, and session duration.
- Device Information: Browser type, operating system, device type, screen resolution, and language preferences.
- Network Information: IP address, referring URL, and general geographic location (city/region level).
- Log Data: Server logs that record requests made to our Service, including request type, timestamps, and response status.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service.
- Process your cases, documents, and data through our AI-powered features, including demand letter drafting, medical records summarization, and task automation.
- Process payments and manage your subscription.
- Send transactional communications, including account confirmations, billing notices, deadline reminders, and security alerts.
- Provide customer support and respond to your inquiries.
- Improve the Service through analytics, usage patterns, and user feedback.
- Detect, prevent, and address fraud, abuse, and security issues.
- Comply with legal obligations and enforce our Terms of Service.
We do not use your case data, client information, or uploaded documents to train machine learning models. AI features process your data in real time to provide outputs and do not retain your data beyond what is necessary to deliver the requested functionality.
3. Data Storage and Security
Your data is stored on secure, encrypted servers hosted in the United States. We implement industry-standard security measures, including:
- Encryption of data in transit (TLS 1.2+) and at rest (AES-256).
- Role-based access controls and least-privilege principles.
- Regular security audits and vulnerability assessments.
- Automated backups with encrypted storage in geographically separate locations.
- Multi-factor authentication support for user accounts.
While we implement robust security measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to protecting your data using commercially reasonable safeguards.
4. Third-Party Services
We use the following categories of third-party services to operate CaseSolo. These providers are contractually obligated to protect your data:
- Payment Processing (Stripe):Stripe processes all payment transactions. Stripe's handling of your payment data is governed by the Stripe Privacy Policy. Stripe is PCI DSS Level 1 certified.
- AI Providers: We use third-party AI models to power features such as document drafting, summarization, and analysis. Data sent to AI providers is transmitted securely and is not used by those providers to train their models. We maintain data processing agreements with all AI providers.
- Cloud Infrastructure: We use reputable cloud hosting providers for data storage, compute, and content delivery, with industry-standard physical, network, and encryption controls. Data is encrypted in transit and at rest.
- Analytics: We use privacy-respecting analytics tools to understand how the Service is used. Analytics data is aggregated and does not include case-specific or client-identifying information.
- Email Services: Transactional emails (account verification, billing receipts, deadline reminders) are sent through third-party email providers.
5. Cookies and Tracking Technologies
CaseSolo uses cookies and similar technologies for the following purposes:
- Essential Cookies: Required for the Service to function, including session management and authentication.
- Preference Cookies: Remember your settings and preferences, such as display options and timezone.
- Analytics Cookies: Help us understand how users interact with the Service to improve performance and usability.
We do not use advertising or third-party tracking cookies. You can manage cookie preferences through your browser settings. Disabling essential cookies may impair the functionality of the Service.
6. Data Retention
We retain your information as follows:
- Account Data: Retained for the duration of your account and for up to 30 days following account deletion to allow for data export.
- Case Data: Retained for the duration of your account. Upon account termination, case data is available for export for 30 days, after which it is permanently deleted.
- Payment Records: Retained for up to 7 years as required for tax and financial reporting obligations.
- Usage and Log Data: Retained for up to 12 months for analytics and security purposes, then aggregated or deleted.
- Support Communications: Retained for up to 3 years to improve our support processes and maintain continuity.
7. Data Sharing
We do not sell your personal information. We may share your information only in the following circumstances:
- With Your Consent: When you authorize us to share information with a third party.
- Service Providers: With trusted third-party vendors who assist us in operating the Service, subject to data processing agreements.
- Legal Requirements: When required by law, subpoena, court order, or government request.
- Safety and Security: To protect the rights, safety, or property of CaseSolo, our users, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, in which case your data would remain subject to this Privacy Policy.
8. Your Rights (Including CCPA)
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Right to Know: Request details about the categories and specific pieces of personal information we have collected about you.
- Right to Delete: Request deletion of your personal information, subject to certain legal exceptions.
- Right to Correct: Request correction of inaccurate personal information.
- Right to Portability: Request a copy of your data in a structured, commonly used, machine-readable format.
- Right to Opt-Out: We do not sell personal information. If this changes, we will provide a mechanism to opt out.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, please contact us at privacy@casesolo.com. We will respond to verified requests within 45 days. For California residents, these rights are provided pursuant to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).
9. Children's Privacy
CaseSolo is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@casesolo.com.
10. International Data Transfers
CaseSolo is operated from the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer of your information to the United States, where data protection laws may differ from those in your jurisdiction.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice within the Service at least 30 days before the changes take effect. The “Last updated” date at the top of this page indicates the most recent revision.
Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.
12. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
- Email: privacy@casesolo.com
- General Inquiries: legal@casesolo.com
- Website: www.casesolo.com