Privacy Policy

Last updated: November 15, 2025

JurisDrop Inc. ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and our secure file transfer services (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

1 Definitions

Subscriber

The legal professional or law firm that subscribes to our Service.

Subscriber Data

Information related to the Subscriber's account, including name, email, firm details, and payment information.

End-User

The client of a Subscriber who uses the Service to upload documents.

Client-Uploaded Data

Any files, documents, text, or other information an End-User uploads to the Service at the request of a Subscriber. This may include, but is not limited to, Protected Health Information (PHI), financial records, and other sensitive personal information.

2. Our Role as a Data Processor

As a Subscriber, you are the "Data Controller" for the Client-Uploaded Data. You determine the "why" and "how" of its collection.

JurisDrop acts as a "Data Processor" (or a "Business Associate" under HIPAA). We are a conduit for this data. We do not own, control, or make any decisions about Client-Uploaded Data, except as required to provide the Service or as instructed by you, the Subscriber.

3. Information We Collect

A. Information You Provide to Us (Subscriber Data)

  • Account Information: When you register for an account, we collect your name, firm name, email address, and password.
  • Payment Information: We use a third-party payment processor (Stripe) to handle payments. We do not store your full credit card details.

B. Information We Process on Your Behalf

We receive and store Client-Uploaded Data that End-Users submit through your secure upload links. This data is encrypted, stored, and made available only to you and the members of your designated workspace.

C. Information We Collect Automatically

  • Log and Usage Data: We collect standard log files and analytics data, such as IP addresses, browser type, pages visited, and timestamps. This helps us monitor and improve the Service.

4. How We Use Your Information

Subscriber Data

  • Provide, operate, and maintain the Service.
  • Process payments and manage subscriptions.
  • Send service alerts and invoices.
  • Respond to support requests.

Client-Uploaded Data

  • Receive data from the End-User.
  • Encrypt and store data in secure storage (S3).
  • Display data in your private dashboard.
Strict Policy: We will NEVER sell your data. We do not access Client-Uploaded Data except for technical support (with permission) or legal requirement.

5. Data Security

We implement industry-standard technical and organizational measures to protect the information we process. This includes:

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Secure Cloud Infrastructure (AWS)
  • Strict Access Controls

6. Third-Party Service Providers

We use a limited number of trusted vendors. We have BAA agreements in place where applicable.

  • Stripe: Payment processing.
  • Amazon Web Services (AWS): Secure file storage.
  • Render: Application hosting.

7. Data Retention

We retain Subscriber Data while your account is active. Client-Uploaded Data is retained according to your instructions and deleted permanently upon account closure.

8. Privacy Rights

Depending on your location (GDPR/CCPA), you may have rights to access or delete your data. Subscribers manage their own data; we assist with End-User requests as a processor.

9. Changes

We may update this policy. Significant changes will be notified via email or dashboard notice.

Questions about this policy?

Our Data Protection Officer is available to answer specific compliance questions.

Contact Privacy Team