TrueVow Privacy Policy

Version 2.0 — Incorporating 168 Best-Practice Improvements
Effective Date: November 5, 2025
Last Updated: November 5, 2025
Controller: TrueVow Global Tech FZE LLC (UAE)
Contact: privacy@truevow.com | dpo@truevow.com

⚠️ IMPORTANT NOTICE TO LICENSED U.S. ATTORNEYS ONLY

This Privacy Policy is a binding legal agreement between your law firm ("Firm," "you," "Customer") and TrueVow Global Tech FZE LLC, a UAE limited-liability company ("TrueVow," "we," "our").

BY ACCESSING OR USING THE SERVICES, YOU:

Represent under penalty of perjury (28 U.S.C. § 1746) that you are a licensed U.S. attorney in good standing
Irrevocably accept this Policy in its entirety, including its mandatory arbitration provision
Waive any conflict-of-laws rule that would apply a different privacy regime

This Policy is integrated into and governed by the TrueVow Terms of Service and Master Services Agreement. If you do not agree, cease use immediately.

📋 30-SECOND PLAIN-ENGLISH SUMMARY

Bottom line: The legal brain of TrueVow's Core Logic is AI-free and deterministic. Any ML usage is strictly ancillary, operational plumbing—not legal judgment. Default storage is off. If you opt-in to brief retention for export/review, we encrypt and delete on a short fuse.

What You Need to Know:

✅ We store nothing by default—no call audio, no transcripts, no PHI, no SSNs
✅ If you flip the optional "Retention Toggle," we encrypt and auto-delete after 7 days
✅ We never sell data; we never train AI models on your data; we never commingle client files
✅ All processing occurs on a zero-knowledge, deterministic, non-generative engine
✅ Any dispute is arbitrated in Zurich under Swiss law—no U.S. class actions

1. Corporate Structure & Data Controller

1.1 Data Controller & Contracting Entity

The data controller for the Services is:

TrueVow Global Tech FZE LLC (UAE)
Dubai South, Dubai, United Arab Emirates
Email: privacy@truevow.com

1.2 Related Entities (Not Data Controllers/Processors)

TrueVow Global Technologies Holdings Ltd. (Nevis):

Passive intellectual property holding entity
Does NOT process Customer Data
Not a party to customer agreements

TrueVow Global Technologies (USA) Inc. (Wyoming):

Performs passive marketing activities only within the United States
Does NOT process Customer Data
Not a party to customer agreements

1.3 Entity Structure Disclaimer

The data subject's recourse regarding data processing is exclusively against TrueVow Global Tech FZE LLC (UAE) under the terms of the MSA and the Governing Law (Switzerland).

1.4 Controller / Processor Roles

Role	Entity	Data Type	Responsibilities
Data Controller	TrueVow Global Tech FZE LLC (UAE)	Account Data, Technical Logs, Analytics, Feedback	Determines purposes and means
Data Processor	TrueVow Global Tech FZE LLC (UAE)	Firm Client Data (call audio, transcripts, intake responses)	Acts on Firm's documented instructions
Sub-Processors	See Schedule A (truevow.law/subprocessors)	Infrastructure, operational data	Bound by DPAs and SCCs
IP Owner (Non-Party)	TrueVow Global Technologies Holdings Ltd. (Nevis)	N/A - No personal data processed	Not a party

TrueVow acts as:

Processor for Firm Client Data (intake responses, call audio/transcripts if retention enabled, documents)
Controller for Account Data, Technical Logs, Analytics Data, and Feedback

Firm is:

Controller for all Firm Client Data and is solely responsible for:
- Responding to data subject requests from callers/clients
- Providing privacy notices to callers/clients
- Obtaining all required consents (including call recording consent)
- Compliance with TCPA, state bar rules, and ethical obligations

2. Scope, Coverage & Application

2.1 Services Covered

This Privacy Policy applies to:

TrueVow INTAKE™ - Deterministic FSM-based phone answering and lead qualification
TrueVow DRAFT™ - Client-side compliance validation tool
TrueVow SETTLE™ - Historical settlement data visualization (public records only)
TrueVow CONNECT™ - Referral network and client management
TrueVow VERIFY™ - Blockchain-anchored compliance certificates
Website - truevow.law and all subdomains
APIs - All programmatic interfaces
Admin Dashboards - Customer portals and configuration interfaces
Support Channels - Email, chat, phone support
Marketing Communications - Emails, newsletters, promotional materials

2.2 What This Policy Does NOT Cover

Out of Scope:

Your internal systems (practice-management software, e-discovery tools, calendaring systems)
Third-party sites or services that link from our interfaces (governed by their own policies)
Attorney-client privilege & work product (governed by applicable law and your professional obligations)
Your own privacy practices and notices to your clients

2.3 Attorney-Client Privilege Notice

TrueVow does not create an attorney-client relationship with End Users. Any attorney-client privilege exists solely between the Customer (law firm) and their clients. Information disclosed to TrueVow is subject to the limited waiver protections of Federal Rule of Evidence 502(d) and analogous state rules. TrueVow is not a co-client or joint client.

3. Zero-Knowledge Architecture

3.1 Core Principle: Default Zero-Retention

By default, TrueVow does not store call audio, transcripts, personally identifiable information (PII), protected health information (PHI), Social Security Numbers, financial account details, or other sensitive client data beyond the duration of the session.

Only anonymized booking metadata (timestamp, practice area, consent status, phone number in E.164 format) is transmitted to Firm.

📋 SETTLE™ Specific Data Collection Model

For TrueVow SETTLE™ specifically: We collect only generic injury categories, county information (public data), and dollar amounts. We do NOT collect case facts, legal strategy, privileged communications, or client identifiers. This minimal data collection ensures compliance with ABA Model Rule 1.6 and state bar ethics opinions.

Data Aggregation: SETTLE contributions are immediately anonymized and aggregated. No individual case data is retained beyond the aggregation process. Minimum 15 cases per query result prevents re-identification of any individual case.

3.2 Optional 7-Day Retention (Opt-In)

Upon Firm's explicit election in account settings ("Retention Toggle"), TrueVow may retain call recordings and machine-generated transcripts for up to seven (7) calendar days solely to facilitate export to Firm's secure internal systems.

Firm acknowledges that:

(a) this feature is entirely optional and disabled by default
(b) no sensitive PII (as defined in Schedule C) is stored, even when enabled
(c) Firm assumes all risk for compliance with state bar rules, HIPAA (if applicable), TCPA, GDPR, CCPA, and other regulatory frameworks
(d) TrueVow shall not be liable for any data breach, ethics complaint, regulatory penalty, or malpractice claim arising from Firm's use of this feature

3.3 Ephemeral Processing Specifications

Technical Implementation:

In-RAM Processing: Audio streams processed in memory only; never written to persistent disk during active call
SHA-256 Hash-Based Caching: Temporary performance caching uses truncated cryptographic hashes as keys; raw text never stored in cache; TTL ≤ 900 seconds; allkeys-lru eviction; purged before call termination
Deletion Standard: NIST SP 800-88 Rev 1 cryptographic shredding with checksum verification
Immutable Logging: CloudTrail + Loki; 365-day retention; logs contain no content, only metadata (timestamp, status codes, latency)

3.4 SETTLE Data Aggregation & Anonymization

TrueVow SETTLE™ employs a multi-layer anonymization and aggregation process:

Immediate Anonymization: All data contributions are stripped of client identifiers, case facts, legal strategy, and privileged communications before storage
Minimum Aggregation Threshold: Query results require a minimum of 15 cases to prevent re-identification of any individual case
Generic Categories Only: Data is stored using generic injury categories (e.g., "soft tissue injury", "fracture") rather than specific medical diagnoses or detailed narratives
No PII/PHI Storage: No personally identifiable information or protected health information is stored in the SETTLE database
Blockchain Verification: Each contribution generates an OpenTimestamps blockchain hash providing cryptographic proof of anonymization (hash only; no personal data on-chain)

✅ Re-Identification Prevention

The 15-case minimum aggregation threshold ensures that even if an attacker gained access to the SETTLE database, they could not identify any individual case or client. This mathematical guarantee provides structural immunity against privacy violations.

4. Information We Collect

4.1 Account & Firm Data (We Control)

Category	Examples	Purpose
Firm Profile	Firm name, office addresses, phone, email, bar numbers, VAT/EIN	Account setup, compliance verification, invoicing
Admin Contacts	Name, email, phone of authorized users	Account access, support, notifications
Payment Data	Payment tokens (Stripe), billing history	Transaction processing (PCI-DSS compliant; we never store full card numbers)
Configuration	Intake scripts, practice areas, booking rules, document templates	Service customization and delivery
Usage Telemetry	Login times, feature usage, API calls, dashboard interactions	Service improvement, support, fraud detection

4.2 Firm Client Data (We Process on Your Instructions)

Category	Examples	Default Retention
Caller Contact	Name, phone number (E.164 format)	Passed to Firm immediately; not stored by TrueVow
Intake Responses	Answers to Firm's custom qualification questions	Passed to Firm immediately; not stored by TrueVow
Booking Data	Appointment date/time, practice area, status	Transmitted to Firm's calendar/CRM immediately
Call Audio	Recording of intake conversation	NOT STORED unless Retention Toggle enabled (7-day encrypted storage)
Transcripts	Machine-generated text from audio	NOT STORED unless Retention Toggle enabled (7-day encrypted storage)
CONNECT Referral Data	Case type, jurisdiction, practice area (non-privileged information only)	Optional retention service (if enabled by attorney); duration varies by state requirements. Attorneys responsible for their own record retention per state bar rules. PHI only retained as long as necessary for referral purpose.

📋 CONNECT™ Specific Data Collection Model

For TrueVow CONNECT™ specifically: We collect only non-privileged information necessary for referral facilitation (case type, jurisdiction, practice area). We do NOT collect client names, case facts, privileged communications, or legal strategy.

PHI Handling: If attorneys share PHI with medical providers via CONNECT, a Business Associate Agreement (BAA) is required. CONNECT provides BAA templates and encryption safeguards, but attorneys are solely responsible for executing BAAs and obtaining client consent.

Data Minimization: CONNECT is designed to minimize information sharing. Attorneys control what information is shared via the platform. Only non-privileged information necessary for referral is transmitted.

📋 DRAFT™ Specific Data Collection Model

For TrueVow DRAFT™ specifically: DRAFT is a client-side compliance validation tool that runs locally on your device (zero-knowledge architecture). Your document never leaves your system.

What DRAFT Collects:

Validation Rules: Attorney-configured validation rules (synced to your device, encrypted, one-time)
Template Library: Public form templates (if applicable, synced to your device, encrypted)
Usage Analytics (Optional): Validation count, document type, validation status, missing fields list (field names only, not values) - NO document content, NO client data

What DRAFT Does NOT Collect:

Document Content: Your document never leaves your device (processed locally only)
Client Data: No client PII/PHI is collected or transmitted
Case Facts: No case facts, legal strategy, or privileged communications are collected
Document Text: No document text is collected or transmitted

Zero-Knowledge Architecture: DRAFT validation runs entirely locally on your device. Validation rules are synced to your device (encrypted, one-time), and validation runs in local memory. Only optional usage analytics (not document content) may be sent to TrueVow.

4.3 What We Explicitly DO NOT Collect

Schedule C: Prohibited Data (Zero Tolerance)

TrueVow's platform is not designed to handle and Firm must not upload:

Social Security Numbers (SSNs) or other government-issued ID numbers
Full medical records, handwritten physician notes, pharmacy ledgers, or diagnostic imaging
Credit card numbers, bank account numbers, or other financial credentials
Biometric data (fingerprints, retinal scans, facial recognition profiles)
Genetic data or DNA profiles
Precise geolocation data (GPS coordinates)
Children's data (data of individuals under 13, absent parental consent)
Password or security credentials
Privileged attorney-client communications unrelated to the Services
Immigration or citizenship status (if not directly relevant to legal intake)
Criminal background data (unless required for case qualification)
Case facts, legal strategy, or privileged communications (SETTLE-specific: these are never collected, even for settlement data contributions)
Client names, case facts, privileged communications, or legal strategy (CONNECT-specific: only non-privileged information necessary for referral is collected, and only with client consent)
Document content, client data, case facts, or privileged communications (DRAFT-specific: document content never leaves attorney's device; only validation rules and optional usage analytics are collected)

Waiver Clause: If Firm uploads Prohibited Data despite these restrictions, Firm:

(a) waives any claim against TrueVow for mishandling such data
(b) indemnifies TrueVow against all regulatory fines, penalties, or third-party claims arising from such upload
(c) acknowledges that TrueVow's security controls are not designed for such data categories

5. How We Use Information

5.1 Core Service Delivery

Route inbound calls to TrueVow INTAKE deterministic engine
Execute Firm-configured qualification scripts
Create bookings and transmit to Firm's calendar/CRM
Validate completed documents for compliance (TrueVow DRAFT)
Display historical settlement visualizations (TrueVow SETTLE)
Issue blockchain compliance certificates (TrueVow VERIFY)
Facilitate referrals through TrueVow CONNECT (directory/platform services only; attorneys make all professional decisions)

5.2 Operational & Security Purposes

Monitor system health, uptime, and performance
Detect and prevent fraud, abuse, or unauthorized access
Respond to support inquiries and troubleshoot issues
Conduct security audits and penetration testing
Maintain backups (encrypted, segregated by customer)
Comply with legal obligations (tax, accounting, breach notification)

5.3 Service Improvement & Analytics

Analyze aggregated usage patterns to improve features
Generate anonymized benchmarking data for SETTLE
Test new functionality in staging environments
Train internal support teams

We do NOT use Firm Client Data for:

❌ Training machine learning models (absent explicit opt-in)
❌ Cross-context behavioral advertising
❌ Selling or renting to third parties
❌ Marketing to end-user callers

6. Legal Bases for Processing (GDPR & Privacy Laws)

6.1 Contractual Necessity (GDPR Art. 6(1)(b))

Processing is necessary to perform our contract with you (the MSA and Terms of Service).

6.2 Legitimate Interests (GDPR Art. 6(1)(f))

We process data based on legitimate interests, balanced against user rights:

Security and fraud prevention
Service optimization and reliability
Business analytics (aggregated, anonymized)
Vendor management and compliance

6.3 Consent (GDPR Art. 6(1)(a))

Optional Retention Toggle (explicit consent for 7-day storage)
Marketing communications (where required by law)
Non-essential cookies (subject to user preferences)

6.4 Legal Obligations (GDPR Art. 6(1)(c))

Tax and accounting records
Breach notification requirements
Court orders and legal process
Export controls and sanctions compliance

6.5 Special Category Health Data (GDPR Art. 9(2)(h))

For any incidental health-related data captured during injury-law intake, processing is necessary for healthcare purposes carried out by a health professional (the Firm's attorney) subject to professional secrecy.

7. Information We Share & Sub-Processors

7.1 We Do NOT Sell Personal Data

TrueVow does not sell personal data as "sale" is defined under CCPA, CPRA, VCDPA, CPA, CTDPA, UCPA, or any other U.S. state privacy law.

7.2 Sub-Processors (Flexible, Category-Based Approach - No Liability for Third Parties)

(a) Living List (Indicative, Not Exhaustive): We maintain a current list of sub-processors at https://truevow.law/subprocessors. This list is indicative and non-exhaustive and reflects vendors actively processing Customer Data as of the last update date. The list is updated regularly but may not reflect all operational vendors at any given time. Firm acknowledges that: TrueVow does not control the Sub-Processors' systems, security practices, or operations; TrueVow is a customer of the Sub-Processors, not their owner, controller, or parent company; TrueVow cannot guarantee the performance, security, or availability of Sub-Processor services; Firm's exclusive remedy for Sub-Processor failures lies directly against the Sub-Processor under their own terms and limitations of liability.

(b) Pre-Authorized Categories (No Notice Required): Firm pre-authorizes TrueVow to engage additional sub-processors in the following categories without prior notice, provided such vendors meet security standards (SOC 2 Type II, ISO 27001, or equivalent) and do NOT process call audio, transcripts, or customer PII: (i) Development tools (code editors, version control, CI/CD pipelines, testing frameworks); (ii) Infrastructure management (load balancers, edge computing, DNS, SSL/TLS, container orchestration); (iii) Monitoring and logging (error tracking, performance analytics, observability platforms); (iv) Internal operations (collaboration tools, HR systems, accounting software, documentation platforms); (v) Network security (firewalls, DDoS protection, WAF, intrusion detection).

(c) 30-Day Notice Required (High-Risk Vendors): TrueVow will use commercially reasonable efforts to provide 30 days' written notice before adding new sub-processors that: (i) process call audio or transcripts; (ii) process customer PII (name, phone, email) beyond ephemeral routing; (iii) store customer data >24 hours; (iv) have access to unencrypted customer data. If Firm objects within 15 days, Firm's exclusive remedy is to terminate the MSA upon 30 days' written notice. Failure to provide notice or update the list does NOT constitute a breach of this Privacy Policy or the MSA and does NOT create any liability.

(d) Operational Flexibility: TrueVow may engage unlisted vendors for: (i) emergency purposes (failover, incident response, disaster recovery); (ii) operational purposes within pre-authorized categories; (iii) vendors that do NOT process customer data. Using an unlisted vendor does NOT violate this Privacy Policy or the MSA and does NOT constitute a breach, provided the vendor meets security standards.

(e) Pass-Through Terms: All Sub-Processors (listed or unlisted) are governed by their respective terms of service, privacy policies, data processing agreements, and service level agreements, which are incorporated herein by reference.

Current Sub-Processor Categories (Indicative List):

Voice & Audio: ElevenLabs, Cartesia, DeepGram, Silero, Fast Whisper
Authentication: Auth0
Database & Storage: Supabase, PlanetScale, Redis
Cloud Infrastructure: Google Cloud, Cloudflare
Telephony: Twilio

Note: This list is updated regularly. See https://truevow.law/subprocessors for the current list.

7.3 No Liability for Sub-Processor Acts

TRUEVOW SHALL NOT BE LIABLE for any act, omission, error, breach, data loss, security incident, outage, or failure of any Sub-Processor (listed or unlisted), including but not limited to: hosting provider outages or data loss; telephony provider call quality or delivery failures; payment processor errors or fraud; authentication provider breaches or downtime; speech processing tool inaccuracies or failures; database provider data loss or corruption; CDN/network provider performance issues; development tool outages; monitoring tool failures.

7.4 No Breach for Unlisted Vendors

Firm acknowledges and agrees that: (i) the sub-processor list is indicative, not exhaustive; (ii) TrueVow may use unlisted vendors for operational purposes without violating this Privacy Policy or the MSA; (iii) failure to list a vendor does NOT constitute a breach and does NOT create any liability; (iv) TrueVow will use commercially reasonable efforts to keep the list current, but operational flexibility is preserved.

7.5 Legal Compliance & Required Disclosures

We may disclose personal data to comply with legal obligations, including:

Court orders, subpoenas, or other legal process
Law enforcement requests (with Firm notification where legally permitted)
National security or public safety requirements
Tax, accounting, and regulatory compliance

8. Data Retention & Deletion

8.1 Retention Schedule

Data Category	Default Retention	Optional Extended	Deletion Method
Call Audio	Not stored	7 days (if Toggle ON)	NIST SP 800-88 cryptographic shredding
Transcripts	Not stored	7 days (if Toggle ON)	NIST SP 800-88 cryptographic shredding
Booking Metadata	Transmitted immediately	N/A	Not retained by TrueVow
Account Data	Duration of contract + 7 years	N/A	Secure deletion after retention period
Technical Logs	365 days	N/A	Automated rolling deletion
Payment Records	7 years (tax compliance)	N/A	Secure deletion after statutory period
Blockchain Certificates	Immutable (Bitcoin blockchain)	N/A	Hash only; no personal data on-chain

8.2 Post-Termination Data Export

Upon termination of your account, you have a seven (7)-day window to export data. After that, all data is permanently and irretrievably deleted unless a valid litigation hold is received.

8.3 Deletion Procedure

Cryptographic Shredding: AES-256 encryption keys destroyed, rendering data unrecoverable
Checksum Verification: Deletion confirmed via cryptographic checksums
Backup Recovery Re-Flagging: Deleted data flagged in backups to prevent restoration

8.4 SETTLE Data Retention (Anonymized & Aggregated)

TrueVow SETTLE™ Data Handling:

Immediate Anonymization: All contributions are anonymized and aggregated immediately upon submission
No Individual Case Retention: No individual case data is retained beyond the aggregation process
Aggregated Statistics Only: Only aggregated, anonymized statistics are stored (e.g., "Median settlement for soft tissue injury in Cook County: $68K")
Blockchain Hash Storage: OpenTimestamps blockchain hash is stored (immutable, contains no personal data, only cryptographic proof of anonymization)
No Deletion Required: Since no individual case data or PII is stored, there is no personal data to delete from SETTLE contributions

📋 SETTLE Data Lifecycle

Step 1: Attorney submits anonymized contribution (injury type, county, dollar amount only)

Step 2: System immediately aggregates with existing data

Step 3: Individual contribution data discarded; only aggregated statistics retained

Step 4: Blockchain hash generated (proves anonymization occurred, contains no personal data)

Result: No individual case data ever persists in the SETTLE database

8.5 DRAFT Data Retention (Zero-Knowledge Architecture)

Client-Side Validation (Zero-Knowledge):

DRAFT runs locally on your device (zero-knowledge architecture). Your document never leaves your system. Validation rules are synced to your device (encrypted, one-time), and validation runs entirely locally in memory.

What Gets Stored:

Validation Rules: Attorney-configured validation rules (stored in TrueVow database, encrypted, synced to your device)
Template Library: Public form templates (if applicable, stored in TrueVow database, encrypted, synced to your device)
Usage Analytics (Optional): Validation count, document type, validation status, missing fields list (field names only, not values) - stored in TrueVow database, NO document content, NO client data

What Does NOT Get Stored:

Document Content: Your document never leaves your device (processed locally only, never stored by TrueVow)
Client Data: No client PII/PHI is collected or stored
Case Facts: No case facts, legal strategy, or privileged communications are collected or stored
Document Text: No document text is collected or stored

📋 DRAFT Zero-Knowledge Architecture

How It Works:

Step 1: Validation rules synced to your device (encrypted, one-time)

Step 2: You prepare document in your preferred tool (Word, Google Docs, etc.)

Step 3: You run DRAFT validator (browser extension or desktop app)

Step 4: DRAFT validates document locally (in your device's memory, never uploaded)

Step 5: Validation results shown locally (never sent to TrueVow)

Step 6: Optional usage analytics sent (not document content, only metadata)

Result: Your document never leaves your device. TrueVow never sees your document content.

⚠️ Attorney Responsibility

CRITICAL: Attorneys are solely responsible for maintaining their own document records in compliance with state bar requirements. State retention requirements vary (typically 5-7 years, but varies by jurisdiction). Attorneys must maintain their own records regardless of whether TrueVow offers optional retention services.

8.6 CONNECT Data Retention

Attorney Responsibility for Record Retention:

Attorneys are solely responsible for maintaining their own referral records in compliance with state bar requirements. State retention requirements vary (typically 5-7 years, but varies by jurisdiction). Attorneys must maintain their own records regardless of whether TrueVow offers optional retention services.

TrueVow CONNECT™ Optional Retention Service:

TrueVow may offer optional record retention services for attorney convenience. If attorneys choose to use this optional service:

Referral Records: May be retained for attorney convenience (duration varies by state requirements; attorneys must verify their state's requirements)
Non-Privileged Information: Case type, jurisdiction, practice area retained for referral management purposes (if optional service enabled)
PHI (if shared): Retained only as long as necessary for referral purpose; deleted after referral completion (unless longer retention required by law)
Client Consent Records: Attorneys are responsible for maintaining their own consent records; TrueVow may store copies if attorneys choose to use optional service
Audit Logs: Platform activity logs retained for system operation purposes (duration varies)
BAA Records: If PHI is shared, attorneys are responsible for maintaining BAA records; TrueVow may store copies if attorneys choose to use optional service

⚠️ Attorney Responsibility

CRITICAL: Attorneys are solely responsible for maintaining their own referral records in compliance with their state bar requirements. TrueVow's optional retention service (if offered) does NOT relieve attorneys of this responsibility. Attorneys must:

Verify their state's specific retention requirements (varies by state)
Maintain their own records regardless of TrueVow's optional service
Ensure compliance with state bar rules for record retention
Not rely solely on TrueVow for record retention compliance

📋 CONNECT Data Lifecycle

Step 1: Attorney initiates referral via CONNECT platform (shares only non-privileged information: case type, jurisdiction, practice area)

Step 2: Receiving attorney/provider reviews referral information

Step 3: If referral accepted, attorneys enter into separate written referral agreement (outside CONNECT platform)

Step 4: Attorney maintains referral record per state bar requirements (TrueVow may offer optional retention service)

Step 5: If PHI was shared, attorney maintains BAA records per state requirements (TrueVow may offer optional retention service)

Result: Minimal data collection; only non-privileged information necessary for referral facilitation. Attorney retains full responsibility for record retention compliance.

9. Data Security Measures (SOC 2 Type II Aligned)

9.1 Eleven-Layer Defense-in-Depth Architecture

Layer 1: Encryption

In Transit: TLS 1.3 with Perfect Forward Secrecy
At Rest: AES-256-GCM encryption for all stored data
Key Management: AWS KMS with customer-managed keys (CMK), 90-day rotation, TrueVow personnel cannot decrypt

Layer 2: Access Control

Role-Based Access Control (RBAC): Principle of least privilege
Multi-Factor Authentication (MFA): Required for all admin accounts
Just-In-Time (JIT) Provisioning: Temporary elevated access with audit logging
Session Management: 30-minute idle timeout, secure session tokens

Layer 3: Network Security

Virtual Private Cloud (VPC): Isolated network environments per customer
Web Application Firewall (WAF): OWASP Top 10 protection
DDoS Protection: Cloudflare + AWS Shield Advanced
Mutual TLS: Certificate-based authentication for API calls

Layer 4: Application Security

Secure SDLC: Security requirements integrated from design phase
Code Review: Mandatory peer review + automated SAST/DAST scanning
Supply Chain Security: Dependency scanning, SBOMs, container image signing
Input Validation: Strict sanitization of all user inputs

Layer 5: Monitoring & Logging

Centralized Logging: CloudTrail, Loki, immutable audit logs
Anomaly Detection: ML-based behavior analysis for security events
Rate Limiting: Prevents brute-force and API abuse
Real-Time Alerts: 24/7 SOC monitoring with PagerDuty escalation
Blockchain Verification (SETTLE): OpenTimestamps blockchain hashing provides cryptographic proof of anonymization and immutable audit trail for SETTLE contributions (hash only; no personal data on-chain)

Layer 6: Vulnerability Management

Annual Penetration Testing: CREST-certified third-party testing
Continuous Scanning: Automated vulnerability scans (weekly)
Patch Management: Critical patches within 24 hours, high-severity within 7 days
Bug Bounty: Responsible disclosure program (launch Q2 2026)

Layer 7: Business Continuity

Recovery Objectives: RPO < 1 hour, RTO < 4 hours
Multi-AZ/Region: Active-active failover for critical services
Backup Strategy: Encrypted backups, 30-day retention, tested quarterly
Disaster Recovery: Documented runbooks, annual DR drills

Layer 8: Personnel & Training

Background Checks: All employees with data access
Security Training: Mandatory quarterly training, annual phishing simulations
Confidentiality Agreements: Signed by all personnel and contractors
Insider Threat Program: Access monitoring and behavioral analytics

Layer 9: Third-Party Risk

Vendor Due Diligence: Security questionnaires, SOC 2 reviews
Contractual Safeguards: DPAs, SCCs, breach notification requirements
Ongoing Monitoring: Quarterly vendor risk assessments

Layer 10: Compliance Audits

SOC 2 Type II: Target Q1 2026
ISO 27001: Roadmap for Q3 2026
Penetration Testing: CREST-certified annual testing
Privacy Audits: GDPR/CCPA compliance reviews

Layer 11: Incident Response

24/7 Playbook: Classification tiers, containment procedures, forensics
72-Hour Breach Notification: Best-efforts notification to affected Firms
Post-Incident Reports: Root cause analysis, corrective actions, lessons learned
Forensic Preservation: Evidence chain-of-custody for legal proceedings

10. Your Privacy Rights

10.1 Universal Rights (All Jurisdictions)

Right	Description	How to Exercise	Response Time
Access/Know	Obtain a copy of your personal data	Email privacy@truevow.com	30 days (GDPR), 45 days (state laws)
Correction	Correct inaccurate data	Update via dashboard or email	Immediate (dashboard), 30 days (manual)
Deletion	Request data erasure	Email privacy@truevow.com	7 days maximum
Portability	Receive data in machine-readable format	Email privacy@truevow.com	Real-time CSV export
Restriction	Limit processing (GDPR Art. 18)	Email privacy@truevow.com	30 days
Objection	Object to legitimate interest processing	Email privacy@truevow.com	30 days
Opt-Out Sale/Share	Opt out of data sales (we don't sell)	N/A - we don't sell data	N/A
Consent Withdrawal	Withdraw consent for Retention Toggle	Disable in dashboard	Immediate
No Profiling	No automated decision-making (GDPR Art. 22)	N/A - we don't use profiling	N/A
Appeal	Appeal privacy decision (VA, CO)	Email dpo@truevow.com	45 days

10.2 Firm's Responsibility for Caller/Client Rights

IMPORTANT: For Firm Client Data (intake responses, call audio/transcripts), Firm is the data controller. Data subject requests from callers/clients must be directed to the Firm, not TrueVow.

TrueVow may assist Firm by providing data export tools and technical support. TrueVow will use commercially reasonable efforts to respond to requests within 72 hours, but makes no guarantee of response time and shall not be liable for any delay.

11. California Privacy Rights (CCPA/CPRA)

11.1 Service Provider / Contractor Status

For purposes of the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), TrueVow acts as a "Service Provider" or "Contractor".

We process personal information solely to provide the Services specified in our agreement with you.

11.2 Prohibition on Sale and Retention

We are prohibited from selling or sharing personal information
We are prohibited from retaining, using, or disclosing personal information for any purpose other than providing the Services
We are prohibited from combining personal information with information from other sources

11.3 California Consumer Rights

California residents have the right to:

Know: Request disclosure of personal information collected, used, disclosed, or sold
Delete: Request deletion of personal information
Correct: Request correction of inaccurate personal information
Opt-Out: Opt out of sale/sharing (we don't sell/share)
Limit Use: Limit use of sensitive personal information (we don't use for unauthorized purposes)
Non-Discrimination: Not be discriminated against for exercising rights

To exercise these rights, email privacy@truevow.com or call 1-844-TRUEVOW

11.4 Do Not Sell/Share My Personal Information

We do not sell or share personal information. No opt-out is required.

12. European Data Subject Rights (GDPR/UK GDPR)

12.1 Legal Basis Summary

We process EU/UK personal data under the following legal bases:

Art. 6(1)(b): Contract performance
Art. 6(1)(f): Legitimate interests (security, fraud prevention, service improvement)
Art. 6(1)(a): Consent (Retention Toggle, marketing)
Art. 6(1)(c): Legal obligations
Art. 9(2)(h): Health data for healthcare purposes by health professional

12.2 EU/UK Representative (GDPR Art. 27)

EU Representative:
[TBD - To be appointed Q1 2026]
Email: eu-rep@truevow.com

UK Representative:
[TBD - To be appointed Q1 2026]
Email: uk-rep@truevow.com

12.3 Right to Lodge Complaint

You have the right to lodge a complaint with a supervisory authority:

EU: Your local Data Protection Authority (list at edpb.europa.eu)
UK: Information Commissioner's Office (ICO) - ico.org.uk
Switzerland: Federal Data Protection and Information Commissioner (FDPIC) - edoeb.admin.ch

13. U.S. State Privacy Laws

13.1 Multi-State Compliance

In addition to California (CCPA/CPRA), TrueVow complies with:

Virginia Consumer Data Protection Act (VCDPA)
Colorado Privacy Act (CPA)
Connecticut Data Privacy Act (CTDPA)
Utah Consumer Privacy Act (UCPA)
Texas Data Privacy and Security Act (TDPSA)
Nevada Revised Statutes Chapter 603A (opt-out of sale)

13.2 Sensitive Data Processing

We do not process sensitive data for purposes of targeted advertising, sale, or unauthorized profiling.

Incidental health data captured during injury-law intake is processed solely for legal intake purposes on Firm's instructions.

13.3 Appeal Rights (VA, CO, CT)

Virginia, Colorado, and Connecticut residents may appeal our response to a privacy rights request by emailing dpo@truevow.com within 45 days.

14. International Privacy Laws

14.1 UAE Personal Data Protection Law (PDPL 2021)

TrueVow Global Tech FZE LLC (UAE) complies with Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data.

14.2 Canada (PIPEDA)

For Canadian data subjects, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA).

14.3 Australia (Privacy Act 1988)

For Australian data subjects, we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

14.4 Switzerland (Federal Act on Data Protection 2023)

Our governing law (Switzerland) ensures compliance with the revised Swiss Federal Act on Data Protection (FADP).

15. International Data Transfers & Cross-Border Safeguards

15.1 Transfer Mechanisms

Data may be transferred globally, including to the United States, for processing by Sub-Processors. Such transfers are safeguarded by:

Standard Contractual Clauses (SCCs 2021/914): EU Commission-approved Module 2 (Controller → Processor)
UK International Data Transfer Agreement (IDTA): For UK transfers
Swiss FADP Addenda: For Swiss transfers
Vendor Data Processing Agreements (DPAs): All Sub-Processors execute DPAs with appropriate safeguards

15.2 Supplementary Measures

In accordance with Schrems II (CJEU C-311/18), we implement supplementary measures:

Encryption: AES-256-GCM at rest, TLS 1.3 in transit
Pseudonymization: E.164 phone format, truncated hashes
Contractual Prohibitions: Sub-processors may not disclose data to government authorities without notifying TrueVow (except where legally prohibited)
Legal Assessment: Ongoing monitoring of U.S. surveillance laws and their impact on data transfers

16. Cookies & Tracking Technologies

16.1 Cookies We Use

Cookie Name	Type	Purpose	Duration	Opt-Out
_truevow_session	Essential	Maintain login session	Session	No (required for service)
_truevow_csrf	Essential	CSRF attack prevention	Session	No (required for security)
_ga	Analytics	Google Analytics (anonymized IP)	2 years	Yes (cookie preferences)
_gid	Analytics	Google Analytics session	24 hours	Yes (cookie preferences)
_truevow_prefs	Preferences	Language, theme, settings	1 year	Yes (will reset preferences)
cookie_consent	Preferences	Remember cookie choices	1 year	Yes

16.2 Global Privacy Control (GPC) Support

We honor the Global Privacy Control (GPC) signal. If your browser sends a GPC signal, we will treat it as a request to opt out of analytics cookies.

16.3 Managing Cookies

You can manage cookie preferences through:

Our cookie consent banner (first visit)
Cookie preferences link in footer
Browser settings (see browser help for instructions)

17. Confidentiality, Attorney-Client Privilege & Professional Responsibility

17.1 Attorney-Client Privilege Protection

Information disclosed to TrueVow that is protected by attorney-client privilege remains privileged. This disclosure is subject to:

Federal Rule of Evidence 502(d): Limited waiver protection
Common-Interest Doctrine: Shared for facilitating legal services
Work-Product Doctrine: Applicable where materials prepared in anticipation of litigation

TrueVow is not a co-client or joint client. Privilege remains with the Firm and its clients.

17.2 Professional Responsibility (ABA Model Rule 5.3)

Firm acknowledges that TrueVow constitutes a non-lawyer assistant within the meaning of ABA Model Rule 5.3 and analogous state provisions.

Firm retains sole responsibility for:

Supervising TrueVow's activities
Ensuring compliance with all ethical obligations
Maintaining independent calendaring and conflict-checking systems
Verifying accuracy and appropriateness of all outputs

18. Children's Privacy (COPPA Compliance)

18.1 Age Restrictions

The Services are NOT directed to children under 13 years of age.

We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it immediately.

18.2 Parental Rights

If you believe your child under 13 has provided personal information to us, please contact privacy@truevow.com immediately.

19. Changes to This Privacy Policy

19.1 Notification of Material Changes

We may update this Privacy Policy from time to time. Material changes will be communicated via:

Email notice to registered Firm administrators (60 days' advance notice)
Prominent banner on truevow.law
In-app notification upon next login

19.2 Continued Use = Acceptance

Your continued use of the Services after the effective date of changes constitutes your acceptance of the revised Privacy Policy.

19.3 Privacy Policy Archive

Historical versions of this Privacy Policy are available upon request. Contact dpo@truevow.com to request archived versions.

Note: Automated privacy policy archive launching Q2 2026 at https://truevow.law/privacy/archive

20. Governing Law & Dispute Resolution

20.1 Governing Law

This Privacy Policy is governed by the substantive laws of Switzerland, excluding its conflict of laws principles (PILA) and the UN Convention on Contracts for the International Sale of Goods (CISG).

20.2 Mandatory Arbitration

Any dispute arising from or relating to this Privacy Policy shall be finally settled by confidential arbitration under the Rules of Arbitration of the International Chamber of Commerce (ICC) by one (1) arbitrator appointed in accordance with said Rules.

Seat of Arbitration: Zurich, Switzerland
Language: English
Waivers: Trial by jury, class actions, U.S.-style discovery

20.3 Class Action Waiver

The parties expressly waive any right to participate in class, collective, consolidated, or representative actions.

20.4 Limitation of Liability in Privacy Policy

TO THE MAXIMUM EXTENT PERMITTED BY LAW, TRUEVOW'S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS PRIVACY POLICY OR ANY DATA BREACH SHALL NOT EXCEED THE GREATER OF (I) $500 OR (II) THE TOTAL FEES PAID BY YOU IN THE THREE (3) MONTHS PRECEDING THE EVENT.

IN NO EVENT WILL WE BE LIABLE FOR ANY CONSEQUENTIAL, INDIRECT, OR PUNITIVE DAMAGES.

21. Disclaimers & Limitations

21.1 No Guarantee of Absolute Security

While we implement commercially reasonable security measures, no security system is impenetrable, and we cannot guarantee the absolute security of our systems.

You are responsible for securing your own systems, credentials, and networks.

21.2 Third-Party Services

We are not responsible for the privacy practices of third-party services, including Sub-Processors. Their processing is governed by their own privacy policies and terms.

21.3 No Waiver of Privilege

Nothing in this Privacy Policy constitutes a waiver of attorney-client privilege, work-product protection, or any other legal privilege.

22. Contact Us & Data Protection Officer

22.1 Privacy Contact Information

Email: privacy@truevow.com (General inquiries - 5 business day response)
Email: dpo@truevow.com (Data Protection Officer - 5 business day response)
Email: security@truevow.com (Security incidents - 24-hour response)

Mailing Address:
TrueVow Global Tech FZE LLC
Attn: Privacy Team
Dubai South
Dubai, United Arab Emirates

22.2 PGP Encrypted Communication

For sensitive privacy inquiries, you may use our PGP public key:

PGP Key ID: [TBD]
Fingerprint: [TBD]
Email: security@truevow.com to request PGP public key

Note: PGP key repository launching Q2 2026 at https://truevow.law/pgp-key.asc

22.3 Response Timeframes

Inquiry Type	Contact	Response Time
General privacy inquiries	privacy@truevow.com	5 business days
Data subject rights requests	dpo@truevow.com	30 days (GDPR), 45 days (state laws)
Security incidents	security@truevow.com	24 hours
Sub-processor objections	dpo@truevow.com	15 days
Legal/arbitration matters	legal@truevow.com	As required by law

23. Indemnity for AI/LLM Vendor Claims

Firm Indemnifies TrueVow: Firm shall defend, indemnify, and hold TrueVow harmless from any claim by a third-party AI/LLM vendor alleging that:

(a) Firm Data uploaded to the Services violates the vendor's terms of service
(b) Firm's use of Ancillary ML Tools violates any usage restrictions or data policies
(c) Firm failed to obtain required consents for data processing by such vendors

24. Final Provisions

24.1 Policy Hierarchy

In the event of any conflict between this Privacy Policy and the Terms of Service or MSA, the more protective provision for data subjects shall control.

24.2 Severability

If any provision of this Privacy Policy is held invalid or unenforceable, the remaining provisions shall remain in full force, and the invalid provision shall be reformed to the minimum extent necessary.

24.3 No Admission of Liability

This Privacy Policy describes our data handling practices but does not constitute an admission of liability for any past, present, or future data processing activities.

24.4 Entire Agreement (Privacy)

This Privacy Policy, together with the Terms of Service and MSA, constitutes the entire agreement regarding privacy and data protection practices.

⚖️ PLAIN-ENGLISH DISPUTE SUMMARY

Disputes? ICC arbitration in Zurich, Switzerland. No U.S. court. No jury. No class action. Liability capped at $500 or 3-month fees. Privacy Policy disputes governed by Swiss law.

Document Version: 2.0
Effective Date: November 5, 2025
Last Revised: November 5, 2025
Total Improvements Integrated: 168
Compliance Frameworks: GDPR, CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, TDPSA, Nevada NRS 603A, UAE PDPL 2021, Canada PIPEDA, Australia Privacy Act 1988, Swiss FADP 2023, COPPA, HIPAA (non-BAA), Fed. R. Evid. 502(d)