Privacy Policy — FinalVerify

Effective date: March 17, 2026

Summary: Your documents are processed on our server and never stored after analysis. We collect your email address to create your account. We do not sell your data.

What Data We Collect

We collect the following information:

Email address — collected when you create an account, used for authentication and account management.
Documents uploaded for analysis — processed on our server to extract and verify citations. Documents are not retained after your analysis session is complete.
Audit run records — we store the results of your citation verification runs (verification statuses, citation counts, and AI memos) so you can access your history. The full document text is not stored.
Waitlist email — if you sign up for the Professional plan waitlist, we store your email address for that purpose only.

How Documents Are Processed

When you upload a document, it is sent to our secure server for processing. Citations are extracted and checked against external databases (CourtListener, Virginia LIS, GovInfo). The document content itself is never stored permanently — only the citation results and summary statistics are retained in your account history.

Documents are never shared with third parties for processing, with the exception described below regarding optional AI analysis.

AI Analysis and Third-Party Services

Default AI analysis uses an open-source language model running on our own server. When you use the default AI risk memo feature, your document content stays on our server and is not sent to any third-party AI service.

Optional enhanced AI analysis via OpenAI: If you or your administrator enable OpenAI-powered analysis in settings, citation data from your document will be sent to OpenAI for processing. When this option is used, OpenAI's privacy policy and data handling terms apply to that data. We send only citation-level data (citation text, verification status, and summary statistics) — not the full document text.

User Account Data

Your email address and password (stored as a salted hash — we never store your plain-text password) are retained for as long as your account exists. You may contact us to delete your account and associated data.

Cookies and Sessions

FinalVerify uses session cookies for authentication. A session cookie is set when you log in and expires after 24 hours of inactivity. We do not use tracking cookies or analytics cookies.

Data Retention

Uploaded documents: not retained after processing
Audit run results (citation statuses, memos): retained in your account history until you delete them or your account
Account credentials: retained until account deletion
Waitlist entries: retained until the Professional plan launches or you request removal

Data Security

FinalVerify is hosted on a secure server. We use standard security practices including password hashing, session management, and HTTPS. We do not sell or share your personal data with third parties for advertising or marketing purposes.

Contact for Privacy Concerns

If you have questions about this privacy policy or want to request deletion of your data, contact us at [email protected].