Legal

Privacy Policy

Effective: November 15, 2025  ·  Last Updated: March 7, 2026

Short version: We collect only what we need to run the service. We never sell your data. You can delete your account and all associated data at any time from your account dashboard.

1. Who We Are

FlawFinder is a legal research platform operated by FlawFinder.AI. We provide AI-powered search across federal law, federal case law, and police standard operating procedures. Our registered contact email is support@flawfinder.ai.

2. Information We Collect

Account Information. When you create an account, we collect your email address and (optionally) your name. If you subscribe, we collect billing information through Stripe — we never store raw card numbers.

Usage Data. We log search queries, features used, and general usage patterns to improve the service. We do not log the results of your queries in a personally identifiable way.

Support Communications. If you contact us by email, we retain that correspondence to resolve your issue and improve our service.

Google OAuth. If you sign in with Google, we receive your name and email address from Google. We do not receive your Google password or access any other Google data.

3. How We Use Your Information

We use collected information to: operate and improve the FlawFinder platform; process payments and manage subscriptions; send transactional emails (receipts, account notices); respond to support requests; and detect and prevent fraud or abuse. We do not use your data for advertising or sell it to third parties.

4. Sharing Your Information

We share your data only with the following service providers, solely to operate our platform:

Stripe — payment processing. Governed by Stripe's Privacy Policy.

Google — OAuth sign-in only.

Hetzner — cloud infrastructure hosting our servers.

We will disclose personal information to law enforcement or government agencies only if required by law or a valid legal process.

5. Data Storage and Security

Our servers are located in the European Union (Hetzner). We use industry-standard encryption in transit (TLS) and at rest. Stripe handles all payment card data under their PCI-DSS compliance program — we do not store card numbers on our servers.

6. Cookies

We use session cookies for authentication and lightweight analytics cookies to understand aggregate usage (e.g., which features are used most). We do not use advertising cookies or third-party tracking pixels.

7. Your Rights

You may access, export, or delete your account and associated data at any time from your account dashboard. To request data deletion or a copy of your data, contact support@flawfinder.ai. We will respond within 30 days.

8. Children's Privacy

FlawFinder is intended for users 18 years of age or older. We do not knowingly collect personal information from minors.

9. Changes to This Policy

We may update this policy periodically. Material changes will be communicated by email or a prominent notice on the platform. Continued use after changes constitutes acceptance.

10. Contact

Privacy questions or requests: support@flawfinder.ai