TrustData Processing Agreement

The DPA template, in summary.

Eve-Legal, LLC offers a standard Data Processing Agreement (DPA) for customers processing matter data through JustineAI™. The template is the executed agreement for customers without their own bespoke template; outside counsel may also propose their template, which we will review against the JustineAI™ data-handling commitments documented across these Trust pages.

What the DPA covers

  • Roles. Eve-Legal, LLC as data processor; the customer as data controller (the firm holds the attorney-client relationship and the underlying client consents).
  • Subject matter and duration. Processing for the duration of the JustineAI™ subscription term plus the contractual retention period.
  • Nature and purpose. Generation of attorney-attested work product through the JustineAI™ workflow; audit-log retention; integration with authorised subprocessors.
  • Categories of data subjects. Clients of the law firm, opposing parties referenced in matter records, witnesses, providers, expert witnesses.
  • Categories of personal data. Names, contact information, demographic data, medical records, employment records, financial information relevant to matter handling.
  • Security measures. Per the data-handling page and the security FAQ.
  • Subprocessors. Per the subprocessors page; material additions notified in advance via the mechanism set out in the DPA.
  • Data subject rights. Eve-Legal, LLC assists the customer in responding to data-subject access, correction, and deletion requests as required by applicable US state privacy laws.
  • Breach notification. Customers are notified within the statutory window for the most-protective applicable jurisdiction. Per the incident-response page.
  • Term and termination. Survives the subscription agreement for the duration of the contracted retention period; data return / deletion handled per the customer’s election.
  • Audit rights. The customer’s third-party auditor may conduct a proportionate audit on commercially reasonable terms; SOC 2 Type II reports (when issued for the JustineAI™ product layer) are accepted in lieu of bespoke auditing.

How to obtain the DPA

Email legal@justineai.com with the firm name, the contracting entity, the practice area in scope, and the anticipated start date of the engagement. We will send the current DPA template within one business day, along with any commercial-track-specific addenda.

For firms with their own DPA template, send the template by the same channel. We will respond with a markup against our standard data-handling commitments. The review window is typically three to five business days.

The contracting counterparty

The DPA is executed between Eve-Legal, LLC (as data processor) and the customer (as data controller). MindHYVE.ai, Inc. is identified as the corporate parent in the preamble of the agreement; it is not a party to the DPA itself. This mirrors the per-vertical operating LLC pattern across the MindHYVE.ai™ portfolio.

Mailing address for legal notice: 1501 Quail Street, Suite 130, Newport Beach, CA 92660, USA.

← Back to Trust posture