Lexyno.

Pricing
Log inRequest Sample

Privacy Policy

Last Updated: December 26, 2025

This Privacy Policy explains how Lexyno (“Lexyno,” “we,” “us,” “our”) collects, uses, discloses, and retains personal information when you visit our marketing website, create an account or use our application, request sample demands, subscribe to a plan, or otherwise interact with us (collectively, the “Services”).

Quick Summary (Notice at Collection)

We collect the following categories of information:

  • Account and contact information (e.g., name, work email, firm name, title/role).
  • Billing and subscription information (handled through our payment processor; we receive limited billing metadata).
  • Usage and device data (e.g., IP address, browser/device details, activity logs).
  • Customer Content submitted in the app (e.g., case documents, case facts, medical chronology data) when our customers upload or enter information for a matter.

We use this information to:

  • Provide, maintain, and secure the Services.
  • Operate case workflows and deliver exports (including Google Docs export).
  • Provide customer support and communicate with you.
  • Improve reliability, performance, and product features.
  • Send marketing communications where permitted (with opt-out controls).

We disclose information to service providers that help us run the Services (hosting, analytics, payment processing, security, customer support tooling, and AI infrastructure), and to authorities or others as required by law.

1) Important Role Distinction: Customer Data vs. Lexyno Website Data

A. When Lexyno processes Customer Content in the app

Lexyno is typically a processor/service provider and the law firm (our customer) is typically the controller/business for case-related personal information (including claimant medical information). We process Customer Content only to provide the Services and under our customer’s instructions (for example: parsing, extracting medical events, enforcing Fact-Lock, generating demand letter sections, and exporting drafts to Google Docs).

If you are a claimant/patient whose information was uploaded by a law firm using Lexyno, direct privacy requests to that law firm first, because they control the case file and the legal basis for processing.

B. When you use our marketing website

We act as the controller for information collected on our marketing website (e.g., “Request Sample Demands” submissions, newsletter signups, and website analytics).

2) Personal Information We Collect

2.1 Information you provide directly

  • Marketing and account data: name, email, phone number (if provided), firm name, title/role, jurisdiction/state, and information you submit via forms.
  • Support communications: messages and content you send to us (support requests, feedback, and correspondence).
  • Subscription and billing-related data: subscription status, plan tier, invoice references, and limited payment metadata (payment processing is handled by our payment processor, such as Stripe).
  • Customer Content (in-app): case documents and files uploaded for a matter (which may include medical records and other sensitive information), and structured case facts and medical events extracted and stored to support chronology and Fact-Lock workflows.

2.2 Information collected automatically

  • Device and connection data: IP address, device type, OS, browser, and approximate location.
  • Usage data: pages/screens viewed, feature usage, clicks, timestamps, and referrer URLs.
  • Cookies and similar technologies: see “Cookies, Analytics, and Advertising” below.

2.3 Information from third parties

  • Integrations: authentication and integration signals (e.g., Google OAuth) if you connect third-party services.
  • Payments: payment and subscription signals from our payment processor (e.g., successful payment, failure, refunds/chargebacks if applicable).
  • Analytics/advertising partners: information from vendors that help measure marketing performance (if enabled).

3) How We Use Personal Information

  • Provide and operate the Services: create accounts, authenticate users, administer firm tenants, run case workflows, process uploaded files, extract case facts/medical events, and generate draft outputs.
  • Security and fraud prevention: monitor for abuse, enforce access controls, maintain audit logs, and protect the integrity of the Services.
  • Customer support and communications: respond to requests, provide service messages, and send product/administrative updates.
  • Improve and develop the Services: debug, analyze performance, improve reliability, and build new features. We may create aggregated/de-identified data for analytics and product improvement.
  • Marketing (where permitted): send newsletters and product updates. You can opt out at any time.

AI / Model Use of Customer Content

Lexyno may use third-party AI infrastructure to provide the Services (for example, extraction or drafting). We do not permit third-party AI providers to use Customer Content to train or improve their models for the benefit of other customers, where contractually available.

4) How We Disclose Personal Information

  • Service providers (subprocessors): hosting, database/storage, analytics, email delivery, customer support tooling, security vendors, payment processing, and AI infrastructure used to deliver the Services.
  • Customer-controlled recipients: when a customer exports or shares outputs (including exports to Google Docs/Drive environments the customer controls).
  • Legal and compliance disclosures: to comply with law and protect rights, safety, and security.
  • Business transfers: in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets.

5) Sensitive Information (Medical / Case Records)

Customer Content may include sensitive personal information, including medical information. Lexyno processes this data to provide the Services to law firms (for example, building a medical chronology and generating demand letter sections) and to support verification and Fact-Lock controls.

6) Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, meet contractual obligations, maintain security and audit logs, and comply with legal obligations. Customer Content is retained according to the customer contract and account settings/administration, and may persist for a limited period after account termination to allow retrieval, dispute resolution, and backup integrity (subject to contract).

7) Cookies, Analytics, and Advertising

We may use cookies and similar technologies to keep you signed in (essential cookies), remember preferences (functional cookies), understand usage and improve performance (analytics cookies), and support marketing attribution and (if enabled) advertising (advertising cookies).

If your browser sends a Global Privacy Control (GPC) signal, we will treat it as a request to opt out of “sale”/“sharing” for cross-context behavioral advertising where applicable under certain laws.

8) Your Privacy Rights and Choices

8.1 Marketing opt-out

You can opt out of marketing emails by using the unsubscribe link in the email or by contacting us.

8.2 Access, correction, deletion, portability

Depending on where you live, you may have rights to request access to, correction of, deletion of, or a copy/portability of certain personal information.

8.3 “Do Not Sell or Share” (California-style rights)

Lexyno does not sell personal information for money. If we engage in cross-context behavioral advertising on the marketing site, disclosures to certain advertising partners may be considered “sharing” under California law, and you may opt out (including via GPC where applicable).

8.4 Requests involving Customer Content (claimants/patients)

If your personal information appears in a law firm’s case file within Lexyno, the law firm controls that data. Submit requests to that law firm first. Lexyno will support lawful requests consistent with our contractual role as a processor/service provider.

9) Security

We use administrative, technical, and organizational measures designed to protect personal information. No method of transmission or storage is perfectly secure; risk cannot be eliminated.

10) International Data Transfers

Lexyno and its service providers may process information in the United States and other countries where they operate. Where required, we rely on appropriate transfer mechanisms and contractual safeguards.

11) Children

The Services are not directed to children, and we do not knowingly collect personal information from children.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will update the “Last Updated” date and post the updated version on our website.

13) Contact Us

For privacy questions or requests, contact us at privacy@getlexyno.com.