Privacy Policy

Last updated: January 30, 2026

1. Introduction

Welcome to Amicus. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our legal case management platform, including our web application and mobile applications (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not access or use our Services.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Services:

  • Account Information: Name, email address, phone number, and password when you create an account
  • Legal Case Data: Case numbers, parties involved, court information, case status, dates, and other case-related details
  • Documents: Legal documents, PDFs, images, and other files you upload to the platform
  • Communications: Messages, chat conversations, and communications you send through our platform
  • Profile Information: Professional information, role, organization details, and preferences

2.2 Information Collected Automatically

When you use our Services, we automatically collect certain information:

  • Usage Data: Pages visited, features used, time spent, and interaction patterns
  • Device Information: Device type, operating system, browser type, and mobile device identifiers
  • Log Data: IP address, access times, error logs, and system activity
  • Cookies and Tracking: Session cookies and similar technologies to maintain your logged-in state

2.3 Third-Party Integrations

If you connect third-party services to your Amicus account:

  • Gmail Integration: Email access (if you authorize OAuth connection)
  • Calendar Integration: Calendar events and hearing schedules (if connected)

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: Enable case management, document storage, and collaboration features
  • AI-Powered Features: Process documents with AI to provide summaries, insights, and context-aware responses
  • Authentication: Verify your identity and maintain secure access to your account
  • Communications: Send notifications, updates, and service-related announcements
  • Improve Services: Analyze usage patterns to enhance features and user experience
  • Security: Detect, prevent, and respond to fraud, abuse, and security incidents
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service
  • Support: Respond to your requests and provide customer support

4. Data Storage and Processing

4.1 Cloud Infrastructure

Your data is stored and processed using the following secure services:

  • Supabase: Database hosting for case data, user information, and authentication (hosted on AWS)
  • Amazon S3: Secure storage for uploaded documents and files
  • Amazon ECS: Container services for document processing
  • AWS SES: Email delivery service for notifications

4.2 Data Location

Our services are hosted in the United States (US-East-1 region). Your data may be transferred to and maintained on servers located outside of your jurisdiction.

5. AI and Document Processing

Amicus uses artificial intelligence to enhance your case management experience:

  • Document Analysis: AI processes your uploaded documents to extract text, summarize content, and identify key information
  • AI Chat: Provides context-aware answers based on your case documents using Retrieval-Augmented Generation (RAG)
  • Data Processing: Document content is processed to create embeddings and searchable indexes
  • Privacy: AI processing is specific to your account and cases; your data is not used to train general AI models

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share information
  • Within Your Organization: With other users in your organization for collaboration purposes
  • Service Providers: With trusted third-party service providers who assist in operating our Services (AWS, Supabase)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to you)
  • Safety and Security: To protect the rights, property, or safety of Amicus, users, or the public

7. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: Data is encrypted in transit (HTTPS/TLS) and at rest
  • Authentication: Secure authentication system with password hashing
  • Access Controls: Role-based access control (RBAC) to limit data access
  • Soft Delete: Deleted records are marked as deleted but retained for recovery purposes
  • Regular Audits: Periodic security assessments and monitoring

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Data Retention

We retain your information for as long as necessary to provide our Services and comply with legal obligations:

  • Account Data: Retained while your account is active
  • Case Data: Retained according to your organization's retention policies
  • Deleted Data: Soft-deleted data is retained for recovery and legal compliance purposes
  • Backup Data: May persist in backups for up to 90 days after deletion

9. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Data Portability: Request a copy of your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing communications
  • Restrict Processing: Request limitation of how we process your information

To exercise these rights, please contact us using the information provided below.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Users

If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our Services, you consent to the transfer of your information to the United States.

12. Mobile Application

Our mobile applications may collect additional information:

  • Device Permissions: Camera (for document scanning), storage (for file access), and notifications
  • Push Notifications: Device tokens for sending notifications
  • Mobile Analytics: App usage and crash reports to improve stability

You can manage permissions through your device settings at any time.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Amicus Legal Technologies

Email: info@crestatech.io

15. Your Consent

By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

© 2026 Amicus Legal Technologies. All rights reserved.