Privacy Policy
Last updated: 18 August 2025
Who we are: REMEDY LEGAL TECHNOLOGY LTD ("Remedy", "we", "us"). Company number 16535799. Registered office: Flat 1, 40 Leverton Street, London, England, NW5 2PG. Contact: hello@remedylegal.ai.
We are the data controller for personal data we collect and use through our public website (the Site) and our logged‑in web application (the Platform). This policy explains what we collect, why, how long we keep it, who we share it with and your rights.
We’re UK‑only and our services are intended for people aged 18+. If you’re under 18, please don’t use the Platform.
Plain‑English summary (not a substitute for the full policy)
- We collect only what we need to run Remedy (account details, content you upload, usage and device data, and payment details handled by our processors).
- We use some AI‑powered features (assessment tools, question resolution and task management). Data may be processed by vetted third‑party AI providers under contract.
- We don’t sell your personal data. We share data with service providers (hosting, authentication, payments, analytics, communications) so we can deliver the service.
- Non‑essential cookies/analytics require consent. You can change your cookie choices any time (see our Cookie Policy).
- You have UK GDPR rights (access, delete, object, etc.). Email hello@remedylegal.ai to exercise them or make a complaint. You can also complain to the ICO.
1) What this policy covers
This policy applies when you visit the Site or use the Platform. It doesn’t cover third‑party websites or services we link to—check their privacy notices.
2) What we collect
Depending on how you use Remedy, we may collect the following:
A. Account & identity data – name, email address, password hash; if you use Google sign‑in, we receive basic profile information (e.g., name and email) used only for authentication.
B. Contact & support data – messages you send us (including complaints), and the metadata needed to respond.
C. Matter data / documents – information you upload or enter into the Platform (e.g., facts, timelines, attachments) to manage your own consumer dispute or tribunal matter.
D. AI interaction data – prompts, questions and outputs generated when you use AI‑powered features; feedback you give on outputs.
E. Payment & transaction data – records of purchases you make on the Platform (payment card details are handled by our payment processor, not stored by us).
F. Usage & device data – IP address, device/browser type, app version, pages viewed, actions taken, diagnostics and crash logs. Collected via our systems and cookies/SDKs—see Cookie Policy.
G. Marketing preferences – your communications preferences and opt‑in/opt‑out records.
Children – Our services are for 18+. We don’t knowingly collect data from children.
3) Special category & criminal‑offence data
Remedy is not a law firm. We discourage uploading special category data (e.g., health, racial/ethnic origin, trade‑union membership) or criminal‑offence data unless it’s strictly necessary for your matter and lawful to process. Where such data is unavoidable, we will rely on one or more of: your explicit consent, necessity for the establishment, exercise or defence of legal claims, and applicable UK Data Protection Act 2018 conditions. You can contact us for more information before sharing sensitive data.
4) How we use your data (purposes & lawful bases)
We only process personal data where we have a lawful basis under UK GDPR. Here’s a summary:
| Purpose | Examples of what we do | Categories | Lawful basis |
|---|---|---|---|
| Provide the Platform and Site | Create/manage accounts; authenticate (email/password or Google); provide tools and workflows; customer support | A, B, C, D, F | Contract (to provide the service); Legitimate interests (operate, secure, improve) |
| AI‑powered features | Assessment tools, question resolution, task management using third‑party AI | C, D | Contract; Legitimate interests (deliver and improve features); sometimes Consent where required (e.g., for certain inputs) |
| Payments | Process purchases and keep records | E | Contract; Legal obligation (tax/records) |
| Security & fraud prevention | Monitoring, logs, access control, incident response | A, D, F | Legitimate interests (keep services and users safe); Legal obligation |
| Analytics & product improvement | Aggregate/anonymise usage to understand performance and improve | D, F | Consent for non‑essential analytics; Legitimate interests for essential quality and diagnostics |
| Marketing communications | Send updates and offers where allowed | G, A | Consent (and soft opt‑in for our own similar services to existing customers), with the right to opt out at any time |
| Legal & compliance | Handle complaints, claims, regulatory requests | All as needed | Legal obligation; Legitimate interests; for sensitive data, legal claims |
5) AI features and automated decision‑making
We use third‑party AI providers to power some features. We require them, by contract, to protect confidentiality and security. AI may produce incorrect or inappropriate outputs—you should review and verify results before acting. We do not make solely automated decisions that produce legal or similarly significant effects about you. If that ever changes, we’ll let you know and explain your rights.
6) Cookies and similar technologies
We use cookies and similar technologies on the Site and Platform. Non‑essential cookies (e.g., analytics) require your consent. You can manage choices via our cookie banner or in your browser. For full details, see our Cookie Policy.
7) Who we share data with
We share data with service providers who help us run Remedy, under contracts that protect your data. Typical categories include:
- Hosting & infrastructure (e.g., cloud hosting, backups)
- Authentication (email/password tools; Google sign‑in)
- AI providers (to power AI features)
- Payments (card processing and fraud prevention)
- Analytics & error monitoring
- Communications (email delivery, in‑app messaging)
- Professional advisers (legal, accounting) and authorities where required by law
We don’t sell your personal data.
8) International transfers
Some providers may process data outside the UK. Where we make restricted transfers, we’ll use a valid safeguard (for example, the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses), and assess local laws where appropriate. We may also rely on adequacy regulations where available.
9) How long we keep data (retention)
We keep data only as long as needed for the purposes above:
- Account data: for the life of your account, then a short period for closure/admin.
- Matter data / documents: you can delete these from your workspace; we may keep secure backups for a limited cycle.
- Payments/transactions: typically 6 years for tax/audit.
- Support communications: typically 2 years after resolution.
- Logs/diagnostics: typically 12–24 months.
Backups may persist for a limited time after deletion. We may retain data longer if required by law or to resolve disputes.
10) Security
We use appropriate technical and organisational measures to protect personal data (for example, encryption in transit, access controls, monitoring and staff training). No system is perfectly secure, but we work to prevent and detect misuse or unauthorised access. If we believe a breach has affected your rights and freedoms, we’ll notify you and (where required) the ICO.
11) Your rights
Under UK data protection law, you have rights including access, rectification, erasure, restriction, portability, objection to processing (including objection to direct marketing), and rights related to automated decision‑making. To exercise your rights, email hello@remedylegal.ai. We may ask for information to verify your identity. You also have the right to complain to the Information Commissioner’s Office (ICO).
ICO contact: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; ico.org.uk; tel. 0303 123 1113.
12) Direct marketing
We’ll only send you marketing by email or SMS with your consent or where soft opt‑in applies (our own similar services to existing customers). You can opt out any time by clicking unsubscribe or emailing hello@remedylegal.ai. We don’t share your details with third parties for their own marketing.
13) Links and third parties
The Site/Platform may link to third‑party sites or services. Their privacy practices are their own—please read their privacy policies.
14) Changes to this policy
We may update this policy from time to time. We’ll post changes here and update the Effective date. If changes are significant, we may email or notify you in‑app.
15) Contact us
Questions or requests about this policy: hello@remedylegal.ai.
