Privacy notice.

This Notice applies to this marketing website (justinegrid.ai) and the JustineAI™ Platform. It applies to law firm administrators, attorneys, paralegals, authorized legal professionals, and prospects who interact with our marketing or sales surfaces. Where the Platform processes information on behalf of a law firm (its “controller”), the firm’s own privacy notice and its agreements with its clients also apply.

Information you provide. Account registration data (name, email, password, phone where relevant), professional profile (firm name, state bar admission, role), and matter data (client identifying information, case facts, medical and incident details, financial information, deadlines) when you use the Platform.

Information from contact forms. When you submit the contact form on this marketing site, we collect your name, work email, firm name, role, state, practice area, firm size, and message. The submission is logged in Azure Table Storage and relayed to our sales team via Microsoft Graph (primary) or Azure Communication Services (fallback).

Information collected automatically. IP address, user-agent, page URL, referrer, and event timestamps. We use these to operate, secure, and improve the site and Platform.

Information from integrations. When you authorize integrations (Microsoft Graph for OneDrive / Outlook, Filevine, Clio, ElevenLabs phone intake, CourtListener for citation verification), we receive only the data scopes you authorize.

To deliver, operate, secure, and improve the marketing site and the Platform; to generate AI-assisted artifacts you request (demand letters, chronologies, intake transcripts, etc.); to communicate about your account, sales conversations, support requests, and product updates; to maintain audit logs and compliance evidence; and to enforce our Terms.

AI processing. AI processing happens inside our Azure environment. Your firm’s matter data is processed only to generate the artifacts you request. Customer data is not used to train any model. Eve-Genesis (Law Edition) is 100% synthetic by construction.

We do not sell personal information. We do not share matter or client data for advertising, lead generation, or third-party legal research. We share information only with:

• Service providers under contract: Microsoft Azure (compute, storage, database, identity, monitoring); Microsoft Graph (email delivery for the contact form); Azure Communication Services (SMS for the Platform; contact-form email fallback); ElevenLabs (when you authorize phone intake); CourtListener (public citation verification only).
• Legal and regulatory authorities, where required by law or to defend our rights and the safety of users.
• Successors in a corporate transaction, subject to the same privacy commitments.

Encryption at rest and in transit. Authentication via Microsoft Entra ID. Azure RBAC for authorization. Multi-tenant isolation enforced at the data, network, and orchestration layers. Tamper-evident audit logging in Azure Monitor. The Microsoft Azure platform layer holds ISO 27001, ISO 27018, SOC 1/2/3, PCI DSS, and HITRUST attestations, inherited at the platform layer. JustineAI™’s own product-level attestations are tracked separately and surfaced on the Trust posture page as they finalize.

We retain account, matter, and audit data while your account is active and as required by law or contract. Audit logs are retained for a minimum of seven (7) years. AI usage logs are retained for three (3) years. Email verification tokens are invalidated after 24 hours. Cached AI responses expire after 60 minutes. Upon written deletion request, we delete or anonymize personal information within 90 days, subject to legal-hold and contractual retention obligations.

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Iowa, Indiana, Tennessee, Montana, Oregon, Delaware, New Hampshire, New Jersey, Maryland, Minnesota, Rhode Island, Kentucky, or any other US state with a comprehensive consumer-privacy law, you have rights regarding the personal information we hold about you. We apply the most-protective applicable standard across jurisdictions and honor:

• Right to know — request the categories and specific pieces of personal information we hold about you.
• Right to access — receive a portable copy of your personal information.
• Right to correct — request correction of inaccuracies.
• Right to delete — subject to exceptions for legal compliance and security.
• Right to opt out of sale or sharing — applicable; we do not sell personal information.
• Right to non-discrimination for exercising privacy rights.

To exercise these rights, email privacy@justineai.com. We respond within 45 days; complex requests may extend to 90 days with notice.

The Platform sends case-related SMS messages only to recipients who have opted in, either through the intake form or by attorney consultation. SMS consent is not a condition of receiving legal services. Recipients may opt out at any time by replying STOP, UNSUBSCRIBE, CANCEL, QUIT, or END to any message. Standard message and data rates apply. SMS is transmitted via Azure Communication Services.

The Platform is not directed at children under 18 and is intended for use by licensed attorneys and authorized legal staff. We do not knowingly collect personal information from anyone under 18. Where matter data incidentally includes minor clients, the law firm’s attorney-client relationship governs and we process that data on the firm’s behalf only as needed to deliver the service.

The Platform processes information in US Azure regions. We do not currently offer general availability outside the United States. If you access the site from outside the US, you do so at your own discretion and your information may be transferred to US Azure infrastructure.

In the event of a security incident affecting your information, we will notify affected users in accordance with applicable US state breach-notification laws (including Cal. Civ. Code § 1798.82). State Attorneys General will be notified as required by the laws of affected residents’ states.

We may update this Notice periodically. Material changes will be communicated by email or prominent notice at least 30 days before they take effect.

For privacy questions, email privacy@justineai.com. The mailing address for the operating entity is 1501 Quail Street, Suite 130, Newport Beach, CA 92660, USA.