Privacy Policy

Barrow Legal Technology, LLC.
Effective Date: 1/19/2026
Last Updated: 2/01/2026

Introduction

Barrow ("we," "our," or "us") provides document analysis software for legal professionals. We understand that confidentiality is fundamental to the practice of law, and we've built our service with that principle at its core.

This Privacy Policy explains how we collect, use, protect, and handle information when you use our website at barrow.legal and our document analysis service (collectively, the "Service").

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Name and email address

  • Organization or firm name

  • Password (stored in encrypted form)

  • Billing information (processed by our payment provider; we do not store full payment card numbers)

1.2 Documents You Upload

When you use our Service, you upload documents for analysis. We process these documents solely to provide you with analysis results. We do not read, review, or access the content of your documents for any purpose other than delivering the Service to you.

1.3 Analysis Outputs

When you use our Service, we generate structured analysis outputs including summaries, extracted entities, identified clauses, risk flags, and responses to your questions. You control whether these outputs are retained after document deletion.

1.4 Usage Information

We collect limited technical information to operate and improve our Service:

  • Log data (IP address, browser type, access times)

  • Feature usage patterns (aggregated and anonymized)

  • Error reports (with document content redacted)

1.5 Communications

If you contact us for support, we retain the content of those communications to assist you.

2. How We Use Your Information

We use your information only to:

  • Provide and operate the Service

  • Process your documents and deliver analysis results

  • Manage your account and process payments

  • Send service-related communications (e.g., security alerts, policy updates)

  • Respond to your support requests

  • Improve the Service (using aggregated, anonymized data only)

  • Comply with legal obligations

We do not:

  • Sell your information to third parties

  • Use your documents or their contents for marketing

  • Share your information with third parties for their own purposes

  • Use your documents to train, fine-tune, or improve AI models

3. AI Processing and Your Documents

3.1 How We Process Documents

When you upload a document, we use artificial intelligence to analyze its contents and generate structured outputs. This processing occurs solely to deliver your requested analysis.

3.2 No AI Training on Your Data

Your documents are never used to train, fine-tune, or improve our AI models or any third-party AI models. All processing is performed solely to deliver your analysis results. Once processing is complete and retention periods expire, your document data is permanently deleted.

3.3 Third-Party AI Providers

We use third-party AI services to power our document analysis. These providers are contractually prohibited from using your data to train their models. We select providers whose data handling practices meet our confidentiality standards.

4. Data Retention and Deletion

4.1 Document Retention

By default, uploaded documents and extracted text are automatically deleted 24 hours after upload. Firm administrators may extend this to 7 days if needed for ongoing analysis.

4.2 Immediate Deletion

You may delete any document immediately at any time using the "Delete Now" function. Deletion is permanent and cannot be undone.

4.3 Analysis Output Retention

At your option, you may retain memo-style outputs (summaries, flags, extracted data) after the source document is deleted. Chat history retention is also optional and can be disabled.

4.4 Account Data

If you close your account, we delete your account information and any retained data within 30 days, except as required to comply with legal obligations or resolve disputes.

5. Data Security

We implement security measures designed to protect your information:

5.1 Encryption

  • In Transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).

  • At Rest: Stored data is encrypted using industry-standard encryption.

5.2 Tenant Isolation

Each organization's data is logically separated with strict access controls. Users from one organization cannot access another organization's documents, analysis outputs, or account information.

5.3 Access Controls

  • Access to production systems is restricted to authorized personnel

  • Administrative access requires multi-factor authentication

  • Access is logged and audited

5.4 Private File Storage

Uploaded documents are stored in private storage with time-limited, signed URLs. Documents are not publicly accessible and cannot be accessed without proper authentication.

5.5 Log Redaction

Our application logs do not contain document content, extracted text, or analysis outputs. We log only technical metadata necessary for system operation and troubleshooting.

6. Information Sharing

We share your information only in these limited circumstances:

6.1 Service Providers

We use third-party service providers to help operate our Service (e.g., cloud hosting, payment processing, AI processing). These providers are contractually obligated to protect your information and use it only to provide services to us.

6.2 Legal Requirements

We may disclose information if required by law, legal process, or government request, or to protect the rights, property, or safety of Barrow, our users, or others. Where permitted, we will notify you of such requests.

6.3 Business Transfers

If Barrow is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

7. Your Rights and Choices

7.1 Access and Correction

You may access and update your account information at any time through your account settings.

7.2 Deletion

You may delete individual documents at any time. You may request deletion of your account by contacting us at hello@barrow.legal.

7.3 Data Export

You may export your analysis outputs at any time using our export features.

7.4 Communications

You may opt out of promotional communications by following the unsubscribe instructions in those messages. You cannot opt out of service-related communications.

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Functions: Authentication, security, and session management

  • Analytics: Understanding how users interact with our Service (using privacy-respecting analytics that do not track individuals across sites)

We do not use advertising cookies or tracking pixels. We do not sell data to advertisers or data brokers.

9. Children's Privacy

Our Service is designed for legal professionals and is not intended for use by individuals under 18. We do not knowingly collect information from children.

10. International Data Transfers

Our Service is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States.

11. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how we use it, the right to request deletion, and the right to opt out of sales of personal information. We do not sell personal information.

To exercise your rights, contact us at hello@barrow.legal.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service before the changes take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Barrow Legal Technology, LLC.
Email: hello@barrow.legal

14. Important Disclaimers

14.1 Not a Law Firm

Barrow is a technology company, not a law firm. We do not provide legal advice. Our Service provides informational analysis that must be reviewed by a licensed attorney.

14.2 Your Responsibilities

You are responsible for determining whether use of third-party technology like Barrow requires client notice or informed consent under applicable professional responsibility rules. We recommend consulting your jurisdiction's ethics rules and opinions.

14.3 No Guarantee

While we implement security measures designed to protect your information, no system is completely secure. We cannot guarantee the absolute security of your information.

This Privacy Policy was last updated on 02/01/2026.