VIDHIBODH.AI is committed to making artificial intelligence a safe, ethical, and highly productive tool for legal professionals, law students, researchers, and organizations in India and beyond. Our generative AI platform assists with legal research, contract analysis, document summarization, clause drafting, case-law insights, and related utilities while prioritizing the confidentiality and protection of all personal and sensitive legal data entrusted to us.
This Privacy Policy explains how VIDHIBODH.AI (operated by [Your Legal Entity Name] Private Limited) collects, uses, discloses, stores, protects, and enables you to control your digital personal data when you access or use our website, mobile/web applications, APIs, browser extensions, or any other services (collectively, the “Services”).
This Policy applies to all digital personal data processed by VIDHIBODH.AI as a Data Fiduciary under the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and rules thereunder. It does not apply to personal data we process purely as a Data Processor on behalf of enterprise/business customers under separate Data Processing Agreements (DPAs) or master service contracts. Such enterprise data is governed exclusively by those agreements.
For details on how anonymized or aggregated usage data may contribute to model safety, bias mitigation, or performance benchmarking (without training on identifiable legal content), refer to our Help Center Article on AI Training & Data Practices.
This category contains the most sensitive information: text prompts, legal questions, fact patterns; uploaded files (pleadings, contracts, judgments, affidavits, notices, due‑diligence reports); generated outputs you choose to save/export; metadata embedded in documents (author names, dates, court stamps) if present. We treat all such content as highly confidential and apply strict controls.
To operate and deliver VIDHIBODH.AI’s core legal AI functionalities: real‑time query answering, document analysis, clause generation, summarization, redaction suggestions, research assistance, saving/exporting outputs, account management, subscription billing.
We may use aggregated, strongly anonymized, or synthetic derivatives of usage patterns (never raw identifiable prompts/documents) to improve model accuracy, reduce hallucinations, enhance legal‑domain relevance, mitigate bias, and develop safety filters. We do not use identifiable user prompts, uploaded legal documents, or any content containing personal data or client confidences for model training or fine‑tuning unless you give separate, granular, affirmative opt‑in consent (via an explicit in‑app checkbox or setting, which you can withdraw anytime). By default, all user legal inputs are processed ephemerally and excluded from training datasets.
Responding to tickets, resolving technical/legal‑accuracy issues, sending mandatory service/security notices, product updates (with opt‑out for non‑essential marketing).
Complying with court orders, Bar Council directives, MeitY/DPDP notifications, preventing fraud/misuse, enforcing Terms of Service, defending legal claims.
VIDHIBODH.AI treats all personal data — especially the highly sensitive legal content you entrust to us — with the strictest confidentiality. We do not sell, rent, lease, trade, or otherwise commercially exploit personal data. Any disclosure or sharing occurs only under limited, clearly defined circumstances described below, in full compliance with the DPDP Act and other applicable laws.
We engage carefully selected third‑party service providers (acting as Data Processors) to support essential platform operations, such as cloud infrastructure, payment processing, email/SMS delivery, security monitoring, analytics, and AI inference partners (under strict controls). All such providers are bound by written Data Processing Agreements (DPAs) that require them to process data solely on our documented instructions, implement security measures at least as strong as ours, and never use data for their own purposes.
We may disclose personal data without your prior consent only when required or permitted by law, including under Section 7 of the DPDP Act (certain legitimate uses), such as compliance with a court order, lawful government requests, fulfilment of statutory obligations, or protection of rights, property, or safety. We disclose only the minimum data necessary and, where legally permitted, will notify you unless prohibited.
In the event of a merger, acquisition, reorganization, asset sale, or similar corporate transaction involving VIDHIBODH.AI, your personal data may be transferred to the relevant third party. We will bind the recipient to equivalent or stronger data protection obligations, provide advance notice where required, and allow you to exercise your rights (including erasure) prior to completion where applicable.
We never share identifiable user prompts, uploaded documents, generated legal outputs, or conversation content with any third party for marketing, advertising, model training, or any independent commercial purpose without your separate, granular, affirmative opt‑in consent. Aggregated, strongly anonymized, or synthetic derivatives of non‑identifiable usage patterns may be used internally or shared with analytics partners only for platform improvement, legal‑domain accuracy enhancement, bias detection, or compliance benchmarking — never re‑linked to any individual user or specific legal matter.
Except as expressly described above or required by law, we do not disclose or share your personal data with any other third parties.
We collect and retain only the personal data strictly necessary to provide the Services, fulfil legal obligations, or protect the platform and its users. Strict access controls ensure only authorized personnel access data for legitimate purposes.
Your personal data is used exclusively for the purposes described in this Policy (or for which you gave separate consent). We do not use it for unrelated purposes or sell it.
Fundamental retention policy for conversations: VIDHIBODH.AI stores conversation‑related data only while the relevant chat session remains active. Once you delete a chat session (or it is automatically deleted per your settings), all associated data is permanently and irreversibly deleted from our systems. This includes all prompts, uploaded documents, generated outputs, and contextual metadata. There is no recovery after session deletion.
Detailed retention periods:
Session deletion uses secure, irreversible methods (overwriting, cryptographic erasure). Deleted conversation data is not retained in backups beyond our short disaster‑recovery window (typically 7–14 days maximum). You can view and manage auto‑cleanup preferences in your account dashboard → Privacy & Data Controls.
VIDHIBODH.AI empowers you with control over your personal data. You can exercise these rights through your account dashboard (Privacy & Data Controls) or by emailing our Grievance Officer at privacy@VidhiBodh.AI.in. We verify identity before processing requests.
You may obtain a summary of your personal data processed and the processing activities, as well as the identities of any other Data Fiduciaries/Processors with whom your data has been shared.
You may request correction of inaccurate data or erasure where no longer necessary or consent is withdrawn (subject to legal exceptions). Deleting a chat session permanently erases all associated data as an exercise of erasure.
Where processing is based on consent, you can withdraw consent at any time with the same ease as when you gave it. Withdrawal takes effect immediately for future processing.
You have the right to readily available means of grievance redressal. Submit grievances via dashboard or email; we acknowledge within 24–72 hours, aim to resolve within 7 working days (or up to 90 days for complex matters). If unsatisfied, you may escalate to the Data Protection Board of India.
Right to Nominate: you may nominate an individual to exercise your rights in the event of death or incapacity. We do not currently engage in solely automated decision‑making with legal/significant effects.
Our Services are strictly intended for users 18 years or older. We do not knowingly collect personal data from children under 18. If we become aware of such data, we cease processing and permanently delete it within 7 days. Verifiable parental consent is required if any use by a minor is exceptionally allowed; however, we strongly discourage any use by minors.
We implement industry‑leading technical and organizational measures: encryption at rest (AES‑256) and in transit (TLS 1.3), mandatory MFA, role‑based access control, advanced prompt‑injection defenses, regular VAPT, DDoS protection, WAF, and comprehensive audit logs. Employees undergo background checks and regular training on data protection and legal ethics. In the event of a personal data breach, we follow a documented incident response plan, notify affected users and the Data Protection Board of India within prescribed timelines, and provide support to mitigate risks.
We comply with the DPDP Act, DPDP Rules 2025, IT Act 2000, and relevant Bar Council guidelines. We prioritize storing personal data in data centers located within India. Cross‑border transfers occur only when the destination provides adequate protection or appropriate safeguards are in place, with regular risk assessments.
We may update this Policy from time to time. Revised versions will be dated. Users are encouraged to periodically review this page. Continued use after the effective date constitutes acceptance of changes; if you do not agree, you may delete your account.
VIDHIBODH.AI is operated by [Your Legal Entity Name] Private Limited (CIN: [Your CIN]), a company incorporated under the Companies Act, 2013. Registered Office: [Your Full Registered Address], Lucknow, Uttar Pradesh – [PIN Code], India. Email: privacy@VidhiBodh.AI.in
Grievance Officer & Data Protection Officer: [Full Name of Grievance Officer]
Email: contact@vidhibodh.com
Phone: [+91-XXXXXXXXXX] (Mon–Fri, 10:00 AM – 6:00 PM IST)
You may also submit grievances via your account dashboard → Privacy & Data Controls → Submit Grievance.
We will acknowledge within 24–72 hours and resolve within 7–90 days depending on complexity. If unsatisfied, you may escalate to the Data Protection Board of India.
For guidance on managing privacy settings, deleting sessions, and exercising DPDP rights, please refer to our Help Center (accessible from the app/website) or the in‑app “Privacy & Data Controls” section.
By using VIDHIBODH.AI, you confirm that you have read, understood, and agree to this Privacy Policy.