Privacy Policy
Paralegent AI privacy. Your data, your cloud.
This privacy policy explains how Paralegent AI (operated by Cognilium AI) collects, uses, and protects your personal information. Because Paralegent AI deploys inside your cloud, contract data never leaves your infrastructure.
Effective date: January 2, 2026
Questions about this policy? Contact us at privacy@paralegent.ai.
Overview
Introduction to our privacy practices.
We are Paralegent AI, operated by Cognilium AI — a provider of AI-driven contract review software for enterprise legal teams. This privacy policy, together with our Terms of Service and any Data Processing Agreement we conclude with you, sets out the types of personal information we collect about you when you use our software or when we provide services to you, how we use and store that personal information, who we share it with, and what rights you have.
Our services are intended for enterprise legal professionals. We do not knowingly collect data relating to children.
Where we determine the purpose and means of processing your personal information, we are the controller responsible for it. If you have any questions, contact us at privacy@paralegent.ai.
Data Collection
Personal information we collect.
Personal information means any information about you from which you can be identified. We may collect and use the following personal information:
Identity Data — Your first name, last name, username or similar identifier, job title and function.
Contact Data — Your email address, telephone numbers, and company details.
Business Information — Information provided in the course of the contractual relationship between you or your organisation and us, or otherwise voluntarily provided by you.
Technical Data — Internet protocol (IP) address, login data, device type, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access our software.
Profile Data — Your username and password, preferences, feedback and survey responses.
Usage Data — Information about how you use our software and services.
Marketing and Communications Data — Your preferences in receiving marketing from us and your communication preferences.
Important: Paralegent AI is deployed inside your organisation's own cloud environment (Azure, AWS, or Google Cloud). Contract documents you upload for review are processed within your infrastructure and are never transmitted to or stored on Paralegent AI's servers.
Collection Methods
How we collect your information.
Generally, we collect your personal information directly from you — in person, by telephone, email, and through your use of our software and services. In particular, this may occur:
Service enquiries — When you or your organisation seek our products and/or services.
Electronic correspondence — When you correspond with us by email or other electronic means.
Subscription — When you subscribe to our products or services on behalf of your organisation.
Marketing sign-up — When you sign up to receive marketing communications from us.
Feedback — When you give us feedback or contact us.
Demonstrations — When you participate in a product demonstration or onboarding session.
Data Usage
How we use your personal information.
Under data protection law, we can only use your personal information if we have a proper reason — for example: to perform our contract with you; to comply with legal obligations; for our legitimate interests; or where you have given consent.
We use your personal information to:
Customer registration — Register you or your organisation as a customer and maintain our records.
Order processing — Process and deliver your order, including managing payments, fees and charges.
Account management — Manage your subscriptions and user accounts.
Support — Respond to requests, enquiries and complaints.
Legal compliance — Comply with tax, accounting, and other applicable legal obligations.
Fraud prevention — Verify your identity and prevent fraud.
Service updates — Send you information about our services and developments (where you have not opted out).
Product improvement — Improve our software using statistical analytics of usage data.
Legal rights — Establish, exercise and/or defend our legal rights.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.
Marketing
Promotional communications.
We may use your personal information to send you updates about our products and services, including exclusive offers and information about new features. We have a legitimate interest in processing your personal information for promotional purposes, meaning we do not usually need your consent to send you promotional communications.
We will not sell your personal information to or share it with other organisations for marketing purposes.
You have the right to opt out of receiving promotional communications at any time by contacting us at privacy@paralegent.ai or using the "unsubscribe" link in any email we send you.
Data Sharing
Who we share your information with.
We may share personal information with service providers we use to help deliver our products and services, such as cloud infrastructure providers, security providers, and analytics tools. We only allow service providers to handle your personal information if they take appropriate measures to protect it.
We may also share personal information with:
Professional advisors — Lawyers or auditors when they need to provide professional advice.
Public authorities — Law enforcement agencies and regulatory bodies to comply with our legal obligations.
Potential buyers — In the case of a business transfer or change of ownership (subject to confidentiality obligations).
Insurers or banks — Where necessary for business operations (usually anonymised where possible).
Retention
How long we keep your information.
We will keep your personal information while we are providing services to you. Thereafter, we will keep it for as long as is necessary to respond to any questions, complaints or claims; to show that we treated you fairly; and to keep records required by law.
We will not retain your personal information longer than necessary. By law we must keep basic customer information (including Identity, Contact, and Business Information) for six years after they cease being customers.
When it is no longer necessary to retain your personal information, we will securely destroy it in accordance with applicable laws and regulations.
International Transfers
Cross-border data transfers.
We do not generally transfer your personal information internationally. Where a transfer is necessary to deliver our services, we will only do so where such a transfer is safe and your personal information will be secure — for example, where there are binding corporate rules, an adequacy decision, or appropriate contractual protections in place.
Please contact us at privacy@paralegent.ai if you want further information on the mechanisms we use when transferring your personal information internationally.
AI Transparency
How we use AI in our product.
AI models used — Paralegent AI supports Microsoft Azure OpenAI Service, Amazon Bedrock, and Google Vertex AI. The specific provider is determined by your organisation's deployment configuration. 18+ specialized agents process contracts across 18+ legal categories.
What data is shared with these models — Contract text and analysis prompts are shared with the configured AI provider, on the basis that the underlying model does not train on this data. All major providers (Microsoft, Amazon, Google) contractually prohibit using customer data to train their models.
Your data stays in your cloud — Because Paralegent AI is deployed inside your organisation's own cloud environment, your contracts and documents are processed within your infrastructure. They are not transmitted to or stored on Paralegent AI's servers. API calls to the AI provider originate from within your environment under your own API agreements.
Impact on your personal data — Your personal data is not shared with AI models unless you have included it in contract text submitted for review. Avoid including unnecessary personal data in documents submitted for analysis.
Paralegent AI deploys 18+ agents inside your cloud — zero contract data stored on Paralegent servers, ever.
Your Rights
Data protection rights.
Under applicable data protection laws, you have the following rights:
Right to access — You may request confirmation that we hold personal information about you, and access to a copy of that data.
Right to rectification — You may ask us to correct any inaccurate information we hold about you.
Right to erasure — You may, in certain circumstances, ask us to delete your personal information.
Right to restriction — You may ask us to restrict the processing of your personal information in certain circumstances.
Right to portability — You may request the personal information you have provided to us in a structured, commonly used and machine-readable form.
Right to object — You may object to our processing of your personal information for direct marketing or where we rely on legitimate interests.
Right to withdraw consent — Where our processing is based on your consent, you may withdraw it at any time.
Right to complain — You may make a complaint about our processing by contacting us or by contacting your relevant data protection authority.
To exercise any of these rights, please contact us at privacy@paralegent.ai. We will respond to all legitimate requests within one month.
Security Measures
Confidentiality and data security.
We have put in place appropriate security measures to prevent personal information from being accidentally lost, used, accessed unlawfully, altered, or disclosed. We limit access to your personal information to those who have a genuine business need to access it.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Complaints
How to raise a concern.
We hope that we can resolve any query or concern you may raise about our use of your personal information. Please contact us first at privacy@paralegent.ai or via our contact form.
You also have the right to lodge a complaint with your applicable data protection authority at any time.
Last updated: January 2, 2026
FAQ
Privacy questions
Common questions about how Paralegent AI handles personal data, contract privacy, and compliance with GDPR and other data protection regulations.
Does Paralegent AI store my contract data on its servers?
No. Paralegent AI deploys inside your own cloud environment — Azure, AWS, or Google Cloud. Your contracts are processed by 18+ specialized agents running on your infrastructure. Zero bytes of contract data are ever stored on Paralegent servers.
How does Paralegent AI handle personal data under GDPR?
Paralegent AI acts as a data processor when handling personal information on behalf of your organisation. We offer a Data Processing Agreement (DPA) to all enterprise customers, support data subject access requests, and ensure data minimisation across all processing activities.
Are my contracts used to train AI models?
Never. Commercial API agreements with Azure OpenAI, AWS Bedrock, and Google Vertex AI explicitly prohibit using customer data for model training. Your contracts remain confidential and are only processed within your own cloud environment under your API agreements.
Can I request deletion of my personal data?
Yes. Under GDPR and other applicable data protection laws, you have the right to request erasure of your personal data. Contact privacy@paralegent.ai and we will respond within one month. Contract data is already in your cloud — we have no copy to delete.
What third parties receive my personal information?
We share personal information only with essential service providers — cloud infrastructure, security tools, and analytics — under strict data protection agreements. We never sell your data to third parties or share it for marketing purposes. Your contract data stays entirely in your environment.
Your Data, Your Cloud
Ready to see Paralegent AI in your cloud?
Request a demo — your data never leaves your environment. Zero vendor-hosted processing, zero data retention.