LegalPixel Cookie Policy
DRAFT - REQUIRES LEGAL COUNSEL REVIEW BEFORE USE
Effective Date: [EFFECTIVE_DATE]
Last Updated: [LAST_UPDATED_DATE]
What Are Cookies?
Cookies are small text files stored on your device (computer, phone, tablet) when you visit a website. They help websites remember your preferences, keep you logged in, and understand how you use the site.
Types of cookies:
- Session cookies: Temporary, deleted when you close your browser
- Persistent cookies: Remain on your device until expiration or manual deletion
- First-party cookies: Set by LegalPixel (legalpixel.com)
- Third-party cookies: Set by external services (analytics, advertising)
Why We Use Cookies
LegalPixel uses cookies to:
- ✅ Remember your login (stay signed in across sessions)
- ✅ Improve your experience (remember language preferences, case uploads)
- ✅ Understand how you use the site (page views, time spent, popular features)
- ✅ Secure the site (prevent CSRF attacks, detect suspicious activity)
- ✅ Measure marketing effectiveness (if you opt in to marketing cookies)
We do NOT use cookies to:
- ❌ Sell your data (we never sell user data)
- ❌ Track you across the web (no cross-site tracking)
- ❌ Serve personalized ads (unless you opt in to marketing cookies)
Cookies We Use
1. Essential Cookies (Always Enabled)
These cookies are necessary for the website to function. You cannot disable them without breaking core features.
| Cookie Name | Purpose | Expiration | First/Third-Party |
| --- | --- | --- | --- |
| session | Keeps you logged in | 30 days | First-party (LegalPixel) |
| csrf_token | Prevents cross-site request forgery (security) | Session | First-party |
| cookie_consent | Remembers your cookie preferences | 1 year | First-party |
Why we don't ask for consent: Essential cookies are exempt from the ePrivacy Directive (EU Cookie Law) consent requirement because they are strictly necessary for the service to function.
2. Analytics Cookies (Optional - Requires Consent)
These cookies help us understand how users interact with LegalPixel. We use this data to improve the platform (find bugs, optimize UX, prioritize features).
PostHog (Analytics & Product Analytics)
| Cookie Name | Purpose | Expiration | First/Third-Party |
| --- | --- | --- | --- |
| ph_* (PostHog ID) | Tracks page views, user actions, feature usage | 1 year | Third-party (PostHog) |
What we track:
- ✅ Page views (which pages you visit)
- ✅ Button clicks (which features you use)
- ✅ Time spent on site (engagement metrics)
- ✅ Anonymized IP address (city/country level, not full IP)
What we DO NOT track:
- ❌ Personally identifiable information (name, email, case details)
- ❌ Cross-site tracking (we only track on legalpixel.com)
- ❌ Sensitive data (passwords, payment info, Social Security numbers)
PostHog Privacy Policy: https://posthog.com/privacy
Hotjar (Session Recording & Heatmaps)
| Cookie Name | Purpose | Expiration | First/Third-Party |
| --- | --- | --- | --- |
| _hjSessionUser_* | Identifies unique visitors across sessions | 1 year | Third-party (Hotjar) |
| _hjSession_* | Holds current session data | 30 minutes | Third-party (Hotjar) |
What we track:
- ✅ Mouse movements and clicks (heatmaps)
- ✅ Session recordings (anonymized, sensitive data masked)
- ✅ Form analytics (which fields users struggle with)
What we mask (not recorded):
- ✅ Password fields (never recorded)
- ✅ Credit card fields (never recorded)
- ✅ Social Security numbers (never recorded)
- ✅ Any field marked "sensitive" in code
Hotjar Privacy Policy: https://www.hotjar.com/legal/policies/privacy
3. Marketing Cookies (Optional - Requires Consent)
Currently NOT used. If we add marketing cookies in the future (Google Ads, Facebook Pixel, etc.), we will:
- ✅ Update this policy
- ✅ Request explicit consent via cookie banner
- ✅ Allow opt-out at any time
If you opted in previously: You can withdraw consent at any time (see "How to Manage Cookies" below).
How We Use Cookie Data
Analytics Insights
We use analytics data to:
- Identify bugs: If many users abandon case upload, investigate UX issues
- Prioritize features: If lawyers rarely use RAG search, deprioritize improvements
- Optimize performance: If legal pages load slowly, optimize images/code
- Measure growth: Track signups, case uploads, lawyer matches over time
Aggregated & De-Identified
- ✅ Aggregated reports: "50% of users clicked 'Accept Case' within 24 hours" (no individual user data)
- ✅ De-identified: User IDs are pseudonymized (hashed), not linked to real names
- ❌ No selling data: We never sell analytics data to third parties
Data Retention
- PostHog: 90 days (rolling window, older data deleted)
- Hotjar: 365 days (session recordings deleted after 1 year)
- Essential cookies: Until you delete them or they expire
Your Cookie Rights (GDPR & ePrivacy Directive)
European Union (EU) Users
Under the ePrivacy Directive (EU Cookie Law) and GDPR, you have the right to:
- ✅ Know what cookies are used (see tables above)
- ✅ Give informed consent (cookie banner explains purpose)
- ✅ Withdraw consent at any time (see "How to Manage Cookies" below)
- ✅ Opt out of non-essential cookies (analytics, marketing)
Our compliance:
- ✅ Opt-in by default: Non-essential cookies disabled until you accept
- ✅ Granular consent: Separate choices for analytics vs marketing
- ✅ Easy withdrawal: One-click opt-out in Settings
California Users (CCPA)
California residents have the right to:
- ✅ Know what data is collected via cookies (see "What We Track" above)
- ✅ Opt out of sale of personal information (we don't sell data, so this doesn't apply)
Note: CCPA applies to "personal information," but anonymized analytics data is not considered personal information.
Other Jurisdictions
- Canada (PIPEDA): Implied consent for non-sensitive cookies (session), express consent for analytics
- UK (UK GDPR): Same as EU (opt-in for non-essential cookies)
- Australia (Privacy Act): Cookies not specifically regulated, but data collection requires notice (this policy)
How to Manage Cookies
Option 1: Cookie Consent Banner (Recommended)
When you first visit LegalPixel, you'll see a cookie banner:
- "Accept All" - Enables all cookies (essential + analytics + marketing)
- "Reject All" - Only essential cookies (no analytics or marketing)
- "Customize" - Choose which cookie categories to enable
To change your preferences later:
- Scroll to footer → Click "Cookie Settings"
- Cookie banner reappears
- Update your preferences
Option 2: Settings Page
- Log in to your account
- Go to Settings → Privacy → Cookie Preferences
- Toggle analytics/marketing cookies on/off
- Click Save Preferences
Effect: Changes apply immediately (analytics scripts unload, existing cookies deleted).
Option 3: Browser Settings
You can block cookies entirely in your browser:
Chrome:
- Settings → Privacy and Security → Cookies and other site data
- Select "Block third-party cookies" or "Block all cookies"
Firefox:
- Settings → Privacy & Security → Cookies and Site Data
- Select "Delete cookies and site data when Firefox is closed"
Safari:
- Preferences → Privacy
- Check "Block all cookies"
Edge:
- Settings → Cookies and site permissions → Manage cookies
- Toggle "Block third-party cookies"
Warning: Blocking all cookies will break LegalPixel's core functionality (you won't be able to log in).
Option 4: Do Not Track (DNT)
Most browsers support "Do Not Track" (DNT) signals. LegalPixel respects DNT:
- ✅ If DNT enabled: We treat it as "Reject All" (no analytics/marketing cookies)
- ❌ DNT not universally enforced (some websites ignore it)
How to enable DNT:
- Chrome: Settings → Privacy and Security → Send "Do Not Track" request
- Firefox: Settings → Privacy & Security → Send websites a "Do Not Track" signal
- Safari: Automatically enabled (Intelligent Tracking Prevention)
Third-Party Cookie Policies
LegalPixel uses third-party services that set cookies. Review their policies:
Data Processing Agreements (DPAs): LegalPixel has signed GDPR-compliant DPAs with all third parties handling EU user data (Anthropic, Supabase, Stripe, PostHog, Hotjar).
Cookies and Sensitive Legal Data
What Cookies DO NOT Contain
Cookies on LegalPixel never contain:
- ❌ Case details (parties, facts, evidence)
- ❌ Legal documents (PDFs, court orders, WhatsApp logs)
- ❌ Passwords or authentication tokens (only session IDs)
- ❌ Payment information (credit card numbers, bank accounts)
- ❌ Social Security numbers or government IDs
What Cookies DO Contain
Cookies only store:
- ✅ Session IDs (random strings linking to your server-side session)
- ✅ User IDs (pseudonymized hashes, not real names)
- ✅ Preferences (language, cookie consent choices)
Encryption: Session cookies are encrypted in transit (HTTPS only, Secure flag) and set with the HttpOnly flag to prevent JavaScript access.
Cookie Consent for Children
LegalPixel requires users to be 18 years or older. If you are under 18:
- ❌ Do not create an account
- ❌ Do not accept cookies
- ✅ Ask a parent/guardian to create an account on your behalf
COPPA Compliance (US): We do not knowingly collect data from children under 13. If we discover a child under 13 has created an account, we will delete it immediately.
Changes to This Cookie Policy
LegalPixel may update this Cookie Policy to reflect:
- ✅ New cookies added (e.g., marketing cookies in the future)
- ✅ Changes to third-party services (e.g., switching from Hotjar to another analytics tool)
- ✅ Legal requirements (e.g., new ePrivacy Regulation in EU)
How we notify you:
- Material changes: Email notification + banner on site (30 days before effective)
- Non-material changes: Update "Last Updated" date (no email notification)
Your action: Review updated policy and re-consent if needed (we'll prompt you).
Contact Us About Cookies
For questions about this Cookie Policy:
Email: [PRIVACY_EMAIL] (e.g., privacy@legalpixel.com)
Subject Line: "Cookie Policy Question"
Mailing Address:
[COMPANY_NAME]
[COMPANY_ADDRESS]
Response Time: We aim to respond within 3 business days.
Related Policies
For more information about how we handle your data:
- Privacy Policy: [Link to PRIVACY-POLICY.md] - Comprehensive data protection policy (GDPR, CCPA)
- Terms of Service: [Link to TERMS-OF-SERVICE.md] - Platform usage terms
- Client Terms: [Link to CLIENT-TERMS.md] - Client-specific terms
- Lawyer Terms: [Link to LAWYER-TERMS.md] - Lawyer-specific terms
Cookie Policy Summary (TL;DR)
What cookies we use:
- ✅ Essential: Login, security (always enabled, no consent needed)
- ✅ Analytics: PostHog, Hotjar (optional, requires consent)
- ❌ Marketing: Not currently used (would require consent if added)
Your rights:
- ✅ Know what cookies are used (this policy)
- ✅ Accept or reject non-essential cookies (cookie banner)
- ✅ Change your mind at any time (Settings → Privacy)
- ✅ Use browser settings to block cookies (may break site)
Our promise:
- ✅ Never sell cookie data
- ✅ Never track you across other websites
- ✅ Always respect your consent choices
- ✅ Always mask sensitive data in session recordings
Questions? Email [PRIVACY_EMAIL]
Version: 1.0 (DRAFT)