Privacy Policy

Effective Date: March 7, 2026

1. Information We Collect

AI Detector Pro ("ADP"), a product of Find A Way, LLC, doing business as Find A Way Limited ("FAWL," "we," "us," "our") (working title — entity name subject to change upon formal registration), collects the following information:

• Documents you upload: PDF, DOCX, or TXT files submitted for citation verification. We extract text content to process citations.
• Account information: If you create an account: your name, email address, and a securely hashed version of your password.
• Expert Review contact info: If you request an Expert Review: your name, email, phone number (optional), and any notes you provide.
• Usage data: IP address (for rate limiting only), request timestamps, and document file names.
• Deep Analysis data: When you use Deep Analysis, document summaries, citation text, and surrounding context excerpts are sent to third-party AI providers for processing (see Section 3).

2. How We Use Your Information

• Citation verification: Your document text is processed to extract and verify legal citations. Citation text may be sent to third-party APIs (CourtListener, Google Scholar) as search queries to verify case law.
• Expert Review: Your contact information is used to communicate about your Expert Review request.
• Account management: Email and name are used for authentication and identification.
• Rate limiting: IP addresses are used solely to enforce rate limits and prevent abuse.
• AI-powered analysis: Citation text and document context are sent to third-party AI language model providers (Anthropic and OpenAI) for Deep Analysis assessments.
• Email communications: We send transactional emails (account confirmation, password reset, expert review notifications) and promotional/marketing emails (feature announcements, special offers, discounts). Marketing emails include an unsubscribe link; opting out does not affect transactional emails.

3. Third-Party Services

ADP uses the following third-party services to operate:

Citation Verification (Tier 1):

• CourtListener (Free Law Project) — case law database API. Receives citation text and case names as search queries.
• Google Scholar — academic and legal search. Receives citation text as search queries.
• Web search engines (via DuckDuckGo, Bing, Brave, and others) — last-resort fallback for case verification. Receives citation text as search queries.

AI Analysis (Deep Analysis):

• Anthropic (Claude) — AI language model provider. Receives citation text, surrounding document context, and document summaries for analysis.
• OpenAI (GPT) — AI language model provider. Receives the same data as Anthropic for independent analysis.

Other Services:

• Google Analytics 4 — anonymized website usage analytics (see Section 10).
• Sentry (error monitoring, if configured) — collects error reports including request metadata to help us diagnose technical issues. No document content or personal information is included in error reports.

Each third-party service processes data under its own privacy policy and terms of service. For citation verification, we send only citation text — not your full document or personal information. For AI analysis, document context and summaries are sent as described above.

4. Data Retention

• Anonymous uploads: Documents processed without an account are not stored after processing is complete. Extracted text exists only in server memory during processing and is discarded when the request ends.
• Authenticated uploads: If you have an account, your uploaded documents, extracted text, and generated reports (including Verification Reports and Deep Analysis reports) are stored on our servers so you can access them later. This data is stored indefinitely until you request deletion. You may request deletion of individual documents or your entire account at any time by contacting us.
• Expert Review requests: Contact information, document references, and review results are stored until the review is completed and delivered, plus 90 days for record-keeping.
• Account data: Stored until you request account deletion. Upon deletion, all associated documents, reports, and personal data are permanently removed.
• AI provider data: Data sent to AI providers (Anthropic, OpenAI) is subject to each provider's retention policies. ADP does not store AI provider responses beyond the generated analysis report.
• Database backups: Encrypted backups are retained for 30 days for disaster recovery purposes, then permanently deleted.
• Error logs: Error monitoring data (if configured) is retained per the monitoring provider's policy.

5. Data Security

We use industry-standard security measures to protect your data:

• All connections are encrypted via HTTPS/TLS.
• Passwords are hashed using bcrypt (never stored in plaintext).
• Uploaded files are stored in restricted server directories.
• Database access is limited to the application server.
• Authentication tokens (JWT) are stored in your browser's localStorage and transmitted only over encrypted HTTPS connections.
• Database backups are stored in restricted server directories with limited access.

6. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users in accordance with Florida Statute § 501.171 and any other applicable data breach notification laws. Notification will be sent to the email address associated with your account no later than 30 days after discovery of the breach. Notification will include: the nature of the breach, the types of data affected, steps we are taking in response, and steps you can take to protect yourself.

7. Who Can Access Your Data

Access to your uploaded documents, extracted text, and generated reports is restricted to:

• You: Only you can view your documents and reports through your authenticated account.
• ADP administrators: A limited number of ADP operators may access stored data for the purposes of providing the Service, troubleshooting technical issues, responding to support requests, or fulfilling Expert Review orders. ADP administrators do not review your documents unless necessary for these purposes.
• Third-party AI providers: As described in Section 3, citation text and document context are sent to Anthropic and OpenAI during Deep Analysis. These providers process data under their own privacy policies.
• Legal process: We may be compelled to disclose your data in response to valid legal process. See Section 8 below for our detailed policy on how we handle law enforcement and legal requests.

We do not sell, rent, or share your documents or reports with any third party for marketing or commercial purposes. We do not provide access to your data to other users of the Service.

8. Law Enforcement and Legal Requests

ADP is committed to protecting your privacy. We do not voluntarily provide user data to law enforcement or any third party. We will only disclose your data when legally compelled to do so, and under the following conditions:

• Valid legal process required: We require a valid subpoena, court order, search warrant, or other binding legal process before disclosing any user data. We do not honor informal requests, voluntary requests, or demand letters from law enforcement or private parties.
• User notification: If we receive a legal request for your data, we will notify you at the email address associated with your account before disclosing any information, so that you have the opportunity to seek legal counsel or move to quash the request. We will provide at least 7 days' notice before disclosure unless we are legally prohibited from doing so (e.g., by a court-issued gag order or sealed warrant).
• Narrow compliance: If compelled to disclose, we will produce only the specific data identified in the legal process — nothing more. We do not provide bulk or blanket access to user data.
• Challenge overbroad requests: Where feasible, we will object to legal requests that we believe are overly broad, unduly burdensome, or otherwise legally deficient. We reserve the right to challenge any request we believe does not comply with applicable law.
• No data mining for law enforcement: We do not proactively monitor, scan, or analyze user documents or reports for the purpose of reporting to law enforcement or any government agency.

Emergency exceptions: In rare cases involving imminent risk of death or serious physical injury, we may disclose limited data to appropriate authorities without a court order, consistent with applicable law. We will notify the affected user as soon as legally permissible after any such disclosure.

9. Confidential and Privileged Information

Do not upload documents containing attorney-client privileged communications, work product, or other confidential information that you wish to remain protected. While ADP uses security measures to protect your data, uploading a document to ADP may constitute disclosure to a third party (including third-party AI providers), which could waive or compromise attorney-client privilege or other legal protections.

ADP is not a law firm, does not provide legal services, and cannot guarantee the confidentiality protections that an attorney-client relationship provides. You are solely responsible for determining whether uploading a particular document is appropriate given its confidentiality status.

10. Cookies and Tracking

ADP uses Google Analytics 4 (GA4) to understand how visitors use our site. GA4 collects anonymized usage data such as pages visited, session duration, and general geographic region. GA4 uses first-party cookies to distinguish unique users; these cookies do not contain personal information. We do not use advertising cookies or share analytics data with third parties for advertising purposes. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on. We also store a theme preference (dark/light mode) and authentication tokens in your browser's localStorage. These values are not cookies but serve similar functions; authentication tokens are transmitted to our servers over HTTPS with each authenticated request, while theme preferences remain local.

11. Your Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you.
• Deletion: Request deletion of your account and all associated data.
• Correction: Request correction of inaccurate personal data.
• Portability: Request your data in a portable format.

To exercise any of these rights, contact us at support@aidetectorpro.com. We will respond within 30 days.

12. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete it, and the right to opt out of sale of personal information. We do not sell personal information.

13. Children's Privacy

ADP is not intended for use by children under 18. We do not knowingly collect personal information from minors. If you believe a child has provided us personal information, contact us and we will delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Your continued use of the Service constitutes acceptance of the updated policy.

15. Contact

For privacy-related questions or requests, contact: support@aidetectorpro.com

Find A Way, LLC (working title)
Pensacola, FL
United States