The information we collect depends on how you interact with the Service. We group the categories below so you can see how AI-powered features, docket search, and account management work together.

We also obtain information from public records, licensing databases, professional networking platforms, joint marketing partners, analytics providers, and single sign-on services when you opt to connect them to ElevenFlo.

We and our service providers use cookies, local storage, and pixel tags to remember your preferences, keep you signed in, and understand how visitors use the Service. You can adjust your browser or device settings to refuse cookies, but doing so may limit functionality. For more information about cookies, visit http://www.allaboutdnt.com.

We process personal information to operate, secure, and improve ElevenFlo. Key purposes include:

• Delivering AI chat, docket research, document analysis, search results, and account features.
• Providing customer support and communicating updates, security alerts, and administrative messages.
• Monitoring usage, billing token consumption, rate limits, and service capacity.
• Researching and improving product performance, including evaluation of new AI prompts and tools.
• Detecting, investigating, and preventing abuse, fraud, or security incidents.
• Complying with legal obligations, enforcing our agreements, and protecting the rights of ElevenFlo, our users, and others.

ElevenFlo does not use your prompts, conversation transcripts, uploaded documents, or AI outputs to train ElevenFlo models. We configure Anthropic Claude, Google Gemini, and OpenAI web-search integrations based on their enterprise API defaults, which state that customer data is not used to train their foundation models. If any provider changes these commitments, we will update this policy and obtain any required consent.

For safety and abuse monitoring, we may review prompts or outputs flagged by automated systems or reported by users. Those reviews are limited to enforcing our Terms of Use and Trust & Safety policies and are not used to train AI models.

We share information only with parties that help us provide or protect the Service, or when required by law.

• Service providers. Cloud hosting, storage, analytics, customer support, payment, and email providers that act under our instructions.
• AI model providers. Anthropic (Claude models), Google LLC (Gemini models via the Google Generative AI API), and OpenAI LLC (web search tool) process your prompts and related context to generate responses.
• Infrastructure partners. Amazon Web Services, Inc. hosts our application infrastructure, encrypted document storage (S3), and managed Elasticsearch cluster that powers docket search.
• Professional advisors. Lawyers, auditors, bankers, and insurers assisting us with legal, financial, or compliance matters.
• Authorities. Law enforcement, regulators, and courts when required by law or needed to protect rights, safety, or security.
• Business transfers. Successors in interest during mergers, acquisitions, or similar transactions.

We do not sell personal information or share it for cross-context behavioral advertising.

We retain personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Currently we follow these guidelines:

• Account data remains while your account is active and for up to 24 months after closure unless we must keep it longer for tax, audit, or legal reasons.
• Chat transcripts and attachments remain available in your workspace until you delete them. Deleted conversations are scheduled for removal from active systems within 30 days and from backups within 90 days.
• Search queries, download counters, and token usage are generally retained for up to 18 months to support analytics, safety, and billing.
• Security and application logs are typically retained for 30 to 90 days, though longer retention may apply for investigations.

If legal requirements or legitimate business needs require longer retention, we will isolate data from normal use and delete it once those obligations end.

Please do not submit protected health information, payment card details, Social Security numbers, data about children under 18, export-controlled materials, or attorney-client privileged content unless your agreement with ElevenFlo expressly allows it and you have the necessary consents. ElevenFlo does not provide HIPAA-compliant services and does not act as a Business Associate.

• Account settings. Update account, contact, and firm details by signing into your profile.
• Conversation management. Delete individual AI conversations directly in the chat interface. Contact privacy@elevenflo.com to request bulk deletion.
• Marketing communications. Opt out of promotional email by following unsubscribe links or contacting us.
• Cookies. Adjust browser or device settings to reject or clear cookies.

We use technical, organizational, and physical safeguards designed to protect personal information, including encryption in transit (TLS 1.2 or higher), encryption at rest for stored files and databases, role-based access controls, network segmentation, monitoring, and regular security reviews. No system is entirely secure, so we encourage you to use strong passwords, enable multi-factor authentication where offered, and report suspected misuse promptly.

ElevenFlo is headquartered in the United States. When we transfer personal information outside your home jurisdiction, we rely on appropriate safeguards such as Standard Contractual Clauses, the UK International Data Transfer Addendum, and contractual commitments requiring service providers to protect the data with comparable safeguards. We also apply technical protections such as encryption, access controls, and limited retention to mitigate transfer risks.

ElevenFlo uses AI and automated systems to generate research suggestions, summarize documents, and enforce rate limits or abuse protections. These tools support your workflow but do not make decisions with legal or similarly significant effects about you. If you would like a human to review an AI-assisted decision or if you wish to object to profiling, contact us at privacy@elevenflo.com.

The Service is not intended for individuals under the age of 18. If you believe we have collected personal information from a child in violation of law, contact us and we will delete it.

We may update this Privacy Policy from time to time. When we do, we will change the effective date above and provide additional notice if required by law. Your continued use of the Service after we post changes signifies consent to the updated policy.

Email questions or privacy requests to privacy@elevenflo.com. You may also reach us at info@elevenflo.com for general inquiries.