s Sidebar

Sidebar AI — Privacy Statement

Effective date: May 23, 2026

Sidebar AI, Inc. (“Sidebar AI,” “we”) provides a technology platform (the “Platform”) that hosts a private, encrypted workspace (the “Workspace”) where you can use leading AI models alongside a lawyer of your choice. Sidebar AI respects your privacy and is committed to protecting it through our compliance with this Privacy Statement. This Privacy Statement describes what personal information we collect, what we do with it, and the choices you have.

1. The Platform’s Privacy Foundation

(a) Privacy is the foundation of the Platform, not a feature. The Platform is designed so the contents of your Workspace — your questions, documents, and conversations — are accessible only to you and the lawyer(s) you have invited. Sidebar AI does not read the contents of your Workspace except as strictly necessary for technical operation, security, or legal compliance.

(b) We do not use your inputs to train AI models. We use enterprise APIs from AI providers whose enterprise terms provide that your inputs will not be used to train any AI model. Sidebar AI does not itself train AI models on your inputs and does not authorize providers or any third party to do so.

(c) Conversations are encrypted. Workspace data is encrypted in transit and at rest.

2. What We Collect

We collect three categories of information:

(a) Account information. Name, email address, password (hashed), authentication credentials, and account preferences you provide when registering with Sidebar AI.

(b) Subscription and billing information. Plan, billing address, and a token for your payment method. We do not store full payment card numbers; payment processing is handled by our third party payment processor.

(c) Usage and operational data. Information generated automatically when you use the Platform, including timestamps, IP address, device and browser type, error logs, security events, and metadata about Workspace activity (for example, that a Workspace was created, that a lawyer was invited, or that a session began). This data is used to operate, secure, and improve the Platform; it does not include the contents of your Workspace messages or documents.

3. What We Do Not Collect or Access

(a) Workspace contents. We do not access your Workspace messages, documents, prompts, or output from your interactions with AI models (“AI Outputs”) except as strictly necessary for technical operation, security, or legal compliance. Your Workspace contents are not used by us for any purpose other than delivering the Workspace to you and the lawyer(s) you have invited and operating the Platform’s technical infrastructure.

(b) Training data. Your inputs and the AI Outputs in your Workspace are not used to train any AI model.

(c) Sensitive identifiers. We do not request government identifiers or biometric data, and we do not request sensitive personal information except where required for compliance (for example, the bar credentials of lawyers in our network).

4. How We Use Information

We use account, subscription, and operational data to:

  • provide and maintain the Platform;
  • authenticate users and protect against fraud and abuse;
  • bill subscriptions and address billing issues;
  • provide customer support;
  • communicate service updates, security notices, and (where you have opted in) product news;
  • improve performance, fix bugs, and develop new features; and
  • comply with law and protect our and others’ rights.

We do not sell your personal information.

5. Sharing of Information

We share information in limited circumstances:

(a) Service providers. We use vetted third-party service providers to operate the Platform (for example, cloud hosting, AI model APIs, payment processing, email delivery, error monitoring, and customer support). These service providers access your information only as needed to perform their services for us, under contractual confidentiality and data-protection obligations.

(b) AI providers. AI Outputs are generated by third-party AI providers (for example, OpenAI and Anthropic). When you submit a prompt, that prompt is sent through the provider’s API to generate a response. We use enterprise API tiers configured so the provider does not retain your inputs for training. The AI provider’s processing is governed by its own terms.

(c) Lawyers in your Workspace. Anyone you invite into your Workspace — including a lawyer selected from Sidebar AI’s network or your existing lawyer — has access to the Workspace’s contents, which is the point of the Workspace.

(d) Legal and safety. We may disclose information when we believe in good faith that disclosure is necessary to (i) comply with a valid legal process, (ii) protect Sidebar AI, our users, or the public from harm, or (iii) enforce our Terms.

(e) Corporate transactions. If we are involved in a merger, acquisition, financing, or asset sale, information may transfer as part of the transaction, subject to commercially reasonable confidentiality and to this Privacy Statement.

6. Retention

(a) Workspace contents. Retained while your account is active. After cancellation, we retain Workspace contents for 30 days to allow account reinstatement, and then delete or de-identify the contents, subject to legal-hold or legitimate-interest exceptions.

(b) Account and billing records. Retained as required for tax, accounting, and audit purposes, typically up to seven years.

(c) Operational logs. Retained for security and audit periods consistent with industry practice, typically up to thirteen months.

(d) Lawyer records. Lawyers invited into your Workspace are responsible for retaining their own client files in accordance with the rules of professional conduct that apply to them.

7. Security

We use commercially reasonable administrative, technical, and physical measures to protect your information, including encryption in transit and at rest, access controls, audit logging, and routine vulnerability testing. No system is perfectly secure. If we learn of a security incident affecting your information, we will notify you as required by law.

8. Your Rights

Depending on where you live, you may have certain rights under applicable privacy laws, including:

  • the right to know what personal information we have about you;
  • the right to access or receive a copy of that information;
  • the right to correct inaccurate information;
  • the right to delete information, subject to legitimate exceptions;
  • the right to opt out of “sales” or “sharing” of personal information (we do not sell or share for cross-context behavioral advertising);
  • the right to object to or restrict certain processing;
  • the right to portability; and/or
  • the right to lodge a complaint with a supervisory authority.

To exercise these rights, email privacy@sidebarchat.ai. We will verify your identity and respond within the timeframe required by applicable law. We will not retaliate against you for exercising your rights.

California residents. California law gives you specific rights, including the right to request a list of personal information disclosed for direct marketing in the prior calendar year. We do not disclose personal information for third-party direct marketing.

EU/UK/Swiss residents. Where the GDPR or similar laws apply, our legal bases for processing are: (i) performance of our contract with you; (ii) our legitimate interests in operating, securing, and improving the Platform; (iii) compliance with legal obligations; and (iv) consent where required.

9. International Transfers

We are based in the United States. If you access the Platform from outside the U.S., your information will be transferred to and processed in the U.S. and other countries. Where required by law, we use approved transfer mechanisms (such as the EU Standard Contractual Clauses).

10. Children

The Platform is not directed to children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us at privacy@sidebarchat.ai and we will delete it.

11. Changes

We will update this Privacy Statement from time to time. Material changes will be communicated by email or in-Platform notice. The “Effective date” at the top of this Privacy Statement indicates the most recent version.

12. Contact

To ask questions or comment about this Privacy Statement and our privacy practices, contact us at: privacy@sidebarchat.ai

Sidebar AI is a technology platform. Sidebar AI does not provide legal services. Sidebar AI does not access the contents of your Workspace.