1. Introduction
Causio (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered legal case management platform. We are fully compliant with the General Data Protection Regulation (GDPR) and other applicable European data protection laws.
2. Data We Collect
We collect the following categories of personal data:
- Account Information: Name, email address, organization name, role, and authentication credentials (managed via Clerk).
- Case Data: Case details, documents, evidence, notes, and communications uploaded or created within the platform.
- Voice Data: Audio recordings from AI intake interviews, processed via OpenAI Whisper API for transcription.
- Usage Data: Feature usage, AI credit consumption, session logs, and platform interaction analytics.
- Payment Data: Billing information processed securely via Stripe. We do not store credit card numbers.
3. How We Use Your Data
- To provide and maintain the Causio platform and its features.
- To process AI analysis, voice transcription, and evidence scoring.
- To manage your account, subscriptions, and billing.
- To send transactional notifications (case updates, credit alerts).
- To improve our platform through anonymized usage analytics.
- To comply with legal obligations and enforce our terms of service.
4. Data Processing & AI
Your case data is processed by AI models (Anthropic Claude API) solely for the purpose of providing AI-powered features such as intake analysis, evidence scoring, and case chat. We do not use your data to train AI models. All AI processing is subject to our data processing agreements with sub-processors.
5. Data Storage & Security
Data is stored on servers within the European Union. We implement field-level encryption for sensitive data, use AWS KMS for key management, and maintain comprehensive audit trails. Access is controlled through role-based permissions with organization-level data isolation.
6. Your Rights (GDPR)
Under the GDPR, you have the following rights:
- Access: Request a copy of all personal data we hold about you.
- Rectification: Request correction of inaccurate personal data.
- Erasure: Request deletion of your personal data (“right to be forgotten”).
- Portability: Request your data in a structured, machine-readable format.
- Restriction: Request limitation of processing in certain circumstances.
- Objection: Object to processing based on legitimate interests.
7. Legal Basis for Processing
We process your personal data under the following legal bases (Article 6 GDPR):
- Contract Performance (Art. 6(1)(b)): Processing necessary to provide the Causio platform, manage your account, and deliver subscribed services.
- Legitimate Interest (Art. 6(1)(f)): Platform security, fraud prevention, anonymized analytics for service improvement, and ensuring system reliability.
- Consent (Art. 6(1)(a)): Marketing communications, non-essential cookies, AI case analysis beyond core features, and third-party integration data sharing. You may withdraw consent at any time via Settings > GDPR.
- Legal Obligation (Art. 6(1)(c)): Retention of billing records, compliance with court orders, and regulatory reporting obligations.
8. Cookies & Tracking Technologies
We use cookies and similar technologies to operate and improve the platform:
- Strictly Necessary Cookies: Authentication session tokens (via Clerk), CSRF protection, and security cookies. These cannot be disabled as they are essential for platform operation.
- Functional Cookies: Language preferences, theme settings (dark/light mode), and sidebar state. These improve your experience but are not essential.
- Analytics Cookies: Anonymized usage data to understand feature adoption and improve the platform. These are only set with your explicit consent.
We do not use advertising or profiling cookies. You can manage your cookie preferences at any time. Most browsers allow you to refuse or delete cookies through their settings. Note that disabling strictly necessary cookies may prevent you from using the platform.
9. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Case data is retained according to legal requirements applicable to your jurisdiction. You may request deletion at any time via Settings or by contacting us.
10. Sub-Processors
We use the following sub-processors: Convex (database), Clerk (authentication), Stripe (payments), Anthropic (AI processing), OpenAI (voice transcription and embeddings), Composio (integrations), and Resend (email notifications). Each sub-processor is bound by data processing agreements ensuring GDPR compliance.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting a prominent notice on the platform and updating the “Last updated” date above. Your continued use of the Service after any changes constitutes acceptance of the revised policy.
12. Contact
For privacy-related inquiries, data access requests, or to exercise your GDPR rights, contact our Data Protection Officer at privacy@causio.eu.