CASETHREAD
Platform Solutions
Personal Injury Case AnalysisPurpose-built for personal injury Customizable Case File ReviewAny matter · configured to your goals
How It Works Security About Request a demo

Privacy Policy

Last updated: June 1, 2026

Casethread LLC, a South Carolina limited liability company ("Casethread," "we," "us," or "our"), respects the privacy and confidentiality of the information entrusted to us. This Privacy Policy explains how we collect, use, share, and protect information in connection with our website at casethread.ai (the "Site") and the AI-assisted document review and analysis services we provide to law firms and legal professionals (the "Services").

Questions about this policy can be directed to contact@casethread.ai.

1. Scope and our two roles

This policy addresses two different contexts:

  • The Site. When you visit casethread.ai or submit our demo/contact form, Casethread acts as the controller of the limited personal information you provide or that is collected automatically.
  • The Services. When a law firm or other client engages us to process case files, those files may contain personal information about third parties (for example, claimants, patients, or witnesses). We process that material on behalf of, and under the instructions of, our client under a written Master Services Agreement and Data Processing and Confidentiality Addendum ("DPA"). For that data, our client is responsible for its own privacy notices and legal authority, and the DPA governs our handling. Where the DPA and this policy differ for client data, the DPA controls.

2. Information we collect

Information you give us through the Site. When you complete our contact or demo-request form, we collect your name, work email, firm or organization, role, practice area, approximate matter volume, and any description of your matter or need you choose to share.

Information collected automatically. When you use the Site, we may collect standard technical and usage data such as IP address, browser and device type, pages viewed, and referring URLs, through server logs and cookies (see Section 9).

Client case-file data (Services). In the course of the Services, we receive documents and data provided by our clients, which may include medical records, health information, personal information, financial information, and other sensitive records obtained through litigation discovery, subpoena, authorization, court order, protective order, or similar process ("Client Data"). We process Client Data solely to perform the Services, under our client's instructions and the DPA.

3. How we use information

We use Site information to respond to your inquiry, provide a demo, communicate with you about Casethread, operate and improve the Site, maintain security, and meet legal obligations. We use Client Data only to perform the Services for the client that provided it, and as permitted by the DPA. We do not sell personal information or Client Data.

4. Artificial intelligence and no model training

Our Services use artificial intelligence, provided through one or more third-party AI providers, to assist with document classification, summarization, and extraction. We take specific measures around this processing:

  • No model training. We do not use Client Data to train, fine-tune, or otherwise improve any generally available AI or machine-learning model, and we do not opt in to any program under which Client Data would be used for model training or product improvement. We have disabled data-sharing and model-training settings with our AI provider.
  • Identifier redaction. Before transmitting text derived from Client Data to our AI provider, we use automated detection and tokenization/redaction processes designed to identify and remove or mask detected direct personal identifiers. We do not knowingly transmit unredacted direct personal identifiers, document images, audio, or video to our AI provider as part of the Services unless expressly authorized in a statement of work. This is a risk-reduction measure and is not a certified de-identification.
  • Provider retention. Under our AI provider's standard API policy, data submitted through the API is not used to train its models and may be retained by the provider only for a limited period for abuse monitoring and legal compliance before deletion.
  • Human review. AI-generated outputs are reviewed by our personnel before delivery. Outputs are informational and are not legal advice.

5. How we share information; subprocessors

We share information only as needed to operate, and under contractual confidentiality and data-protection obligations:

  • Service providers (subprocessors). We engage a small number of trusted service providers — including cloud hosting and storage, secure file transfer, and AI processing providers — to help deliver the Services. Each is engaged under a written agreement requiring appropriate confidentiality and data protection, and we provide clients reasonable prior notice before adding or replacing a subprocessor that processes Client Data. A current list of our subprocessors is available to clients on request.
  • With our client. For Services data, we share with, and act on the instructions of, the client that engaged us.
  • Legal and safety. We may disclose information where required by law or valid legal process, or to protect rights, safety, and property.
  • Business transfers. Information may be transferred in connection with a merger, acquisition, or sale of assets, subject to this policy.

6. Where we process data

We process data in the United States and do not transfer Client Data outside the United States without the client's prior written consent.

7. Data retention, return, and deletion

We retain the information you submit through the Site — including demo and contact requests — so we can respond to you and maintain our business records, and you may ask us to delete your information at any time (see Section 10). We retain Client Data only as long as necessary to perform the Services and meet legal obligations. On termination of an engagement, or earlier on the client's written request, we will, at the client's option, return Client Data in a commercially reasonable format or delete it, and will delete remaining copies within 30 days, except for copies retained in routine backups, archival systems, logs, or as required by law or court order. Retained copies remain protected until deleted.

8. How we protect information

We maintain administrative, technical, and physical safeguards designed to protect information, including: encryption in transit (TLS 1.2 or higher) and at rest (AES-256 or equivalent); role-based access controls and least privilege; multi-factor authentication for administrative access; logging and monitoring; vulnerability management and timely patching; secure development practices; personnel security and training; and documented incident-response procedures. If we confirm a security incident affecting Client Data, we notify the affected client without undue delay and within 72 hours. No system is perfectly secure, and we cannot guarantee absolute security.

9. Cookies and analytics

The Site uses cookies and similar technologies for two purposes: those necessary for the Site to function, and analytics. We use Google Analytics to understand how visitors use the Site so we can improve it; Google Analytics sets cookies and collects usage information such as pages viewed, approximate location, and device and browser type. You can control or disable cookies through your browser settings, and you can opt out of Google Analytics using Google's opt-out browser add-on at tools.google.com/dlpage/gaoptout. We do not use cookies to sell your personal information.

10. Your privacy rights

Depending on where you live, you may have rights to access, correct, delete, or restrict the use of your personal information, and to opt out of certain processing. To make a request, email contact@casethread.ai; we will respond as required by applicable law and may need to verify your identity.

California residents. Under the California Consumer Privacy Act, as amended, California residents may request access to or deletion of their personal information and may opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under California law. We do not use or disclose sensitive personal information for purposes that would require an opt-out right. To exercise your rights, contact us at the email above; we will not discriminate against you for doing so.

11. Health and other sensitive information

Client Data may include health information and other sensitive records that our clients obtain through litigation. Our clients are responsible for the legal authority to provide that data to us and for any protective order, court order, or professional-responsibility obligation that applies. Unless we and a client separately sign a Business Associate Agreement, we do not act as a "business associate" under HIPAA in providing the Services.

12. Children's privacy

The Site and Services are directed to legal professionals and are not intended for individuals under 18. We do not knowingly collect personal information directly from children.

13. Third-party links

The Site may link to third-party websites we do not control. Their privacy practices are governed by their own policies.

14. Changes to this policy

We may update this policy from time to time. We will post the updated version with a new "Last updated" date and, where appropriate, provide additional notice.

15. Contact us

Casethread LLC · contact@casethread.ai · South Carolina, USA. A mailing address is available on request.


This policy reflects Casethread's current practices and its Master Services Agreement and Data Processing Addendum. We recommend a licensed attorney review it against your final go-to-market and applicable laws before publication.

CASETHREAD

AI intelligence for legal matters. Specialized in personal injury.

Platform
Platform overview
Solutions
Personal Injury Case Analysis Customizable Case File Review
Company
How It Works Security About Contact
Legal
Privacy Policy Terms of Use
Casethread provides AI-assisted document services and does not provide legal advice. © 2026 Casethread LLC, a South Carolina limited liability company. casethread.ai