Law Lens Uganda

Legal

Privacy Policy

Last updated: March 2026

Law Lens is committed to protecting personal, organizational, and platform data. This policy explains what we collect, how we use it, how we protect it, and the choices available to users and organizations.

What we collect

Account info, usage data, uploaded documents, and support interactions

How we protect it

Encryption in transit and at rest, access controls, and continuous monitoring

Your rights

Access, correction, deletion, data export, and objection where applicable

1. Scope

This Privacy Policy applies to:

  • Website visitors
  • Individual account holders
  • Organizational users (team and enterprise accounts)
  • Uploaded documents, internal records, and workspace data
  • Support, sales, and onboarding interactions

2. Information We Collect

Account and Profile Information

  • Name and email address
  • Phone number (if provided)
  • Organization name and details
  • Role and account preferences

Usage and Activity Data

  • Search queries and chat activity
  • Feature usage and interaction patterns
  • Session, device, and browser data
  • Billing and subscription interactions

Documents and Workspace Data

  • Uploaded contracts, policies, records, and internal documents
  • Document metadata and indexing data
  • Workspace and organizational knowledge-base content
  • Prompts, outputs, and interactions tied to user workflows

Support and Communications

  • Emails and support requests
  • Demo and sales conversations
  • Feedback and feature submissions
  • Onboarding interactions

3. How We Use Information

  • Provide and operate the platform
  • Authenticate users and manage access
  • Enable legal research, document analysis, and knowledge workflows
  • Support organizational workspaces and internal knowledge bases
  • Improve product quality, reliability, and security
  • Provide customer support and onboarding
  • Process billing and subscription management
  • Comply with legal and regulatory obligations

4. Organizational Data and Internal Knowledge Bases

Documents and internal records uploaded by organizations are processed to enable search, retrieval, analysis, compliance workflows, and internal knowledge-base features. Organizational content is handled as customer data and used to provide the contracted service — not to make that organization's internal information public or available to other customers.

We do not use organizational data to train AI models or share it outside the organization's workspace unless required by law.

5. Legal Basis for Processing

We process information where necessary to provide the service, maintain security, improve platform performance, communicate with users, and comply with legal obligations. Where applicable law requires consent, we will obtain it before processing.

6. Sharing and Disclosure

We may share information with:

  • Infrastructure and cloud service providers (e.g., AWS)
  • Payment processors for subscription billing
  • AI inference providers for language model processing
  • Analytics and security monitoring providers
  • As required by law, regulation, or valid legal process
  • In connection with a business transfer, merger, or acquisition (if ever applicable)

We do not:

  • Sell personal data
  • Expose private organizational documents publicly
  • Use customer data for advertising

7. Data Retention

  • Account data is retained while the account is active
  • Support and billing records are retained as required for business and legal purposes
  • Organizational and workspace data is retained according to product and contractual requirements
  • Deleted accounts or documents may remain in encrypted backups for a limited period
  • Enterprise customers may negotiate custom retention and deletion schedules

8. Security

  • Encryption in transit (TLS) for all platform communications
  • Encryption at rest (AES-256) for stored data where applicable
  • Role-based access controls for team and enterprise workspaces
  • Continuous monitoring and security safeguards
  • No system is absolutely risk-free — we implement commercially reasonable measures to protect your data

9. User and Organization Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information and organizational data
  • Object to or restrict certain processing where applicable
  • Close your account
  • Manage team member access and data (for organization administrators)

To exercise any of these rights, contact us at the address below.

10. International Infrastructure

Our platform is hosted on Amazon Web Services (AWS) cloud infrastructure. Data may be processed and stored in regions where our infrastructure providers operate. We require all third-party providers to maintain appropriate security standards and process data only as necessary to provide their services.

11. Children

Law Lens is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. For material changes, we will notify registered users by email or through the platform.

13. Contact

For privacy-related inquiries, data access requests, or concerns about how your information is handled:

privacy@lawlens.io