PRIVACY POLICY

Zero Data Retention Privacy Policy

Effective Date: April 10, 2026
Last Updated: April 10, 2026

Our Fundamental Promise

We believe privacy is a technical guarantee, not a legal promise. BarZero is built on a "Zero Knowledge, Zero Retention" architecture. We do not store, log, or analyze your contract data or legal queries on our servers. Your data exists on our infrastructure only in volatile memory for the milliseconds required to process your request, after which it is cryptographically destroyed.

1. Information We DO NOT Collect

To fulfill our promise of Zero Knowledge and Zero Retention, we specifically architect our systems to avoid collecting the following:

  • Client Documents: Uploaded contracts and documents are encrypted client-side. Our servers never hold your decryption keys and never write your documents to persistent storage.
  • Chat and Research Queries: Prompts submitted to our AI endpoints are relayed directly to our partner APIs in Zero Data Retention mode. They are never written to our databases.
  • Session History: All chat histories and analyses are stored locally on your device via IndexedDB. If you utilize our End-to-End Encrypted (E2EE) Sync feature, the data is encrypted via AES-GCM on your device before it touches our servers. We cannot decrypt it.

2. Information We DO Collect

We collect only the minimum data necessary to maintain your account, process billing, and ensure the security of the platform.

  • Account Metadata: Email address, firm name, and payment information handled securely via our payment processor (Stripe).
  • Authentication Data: Cryptographic signatures for WebAuthn/FIDO2 authentication.
  • Usage Metrics: Anonymous telemetry regarding API request volumes (to manage rate limits and billing) without any context of the request content.

3. Third-Party Subprocessors (The AI Pipeline)

BarZero utilizes Anthropic's Claude API for AI reasoning. We have established a strict Zero Data Retention agreement with Anthropic. When your encrypted payload reaches our ephemeral container, it is decrypted in memory and pushed to the Anthropic API with flags ensuring that Anthropic does not log, store, or use your prompts or documents to train their models.

4. Client-Side Telemetry & Cookies

We use strictly necessary cookies to maintain your authenticated session. We do not use third-party tracking pixels, Google Analytics, or any cross-site tracking mechanisms inside the authenticated application (`/app` routes).

5. Compliance and ABA Guidelines

Our architecture is designed to comply with the confidentiality requirements of ABA Model Rule 1.6(c) and ABA Formal Opinion 512. By providing cryptographic proof of data destruction, we ensure that your use of BarZero does not constitute an unauthorized disclosure of client information.

6. Changes to this Policy

If we make material changes to how we handle your data—specifically any changes that alter our Zero Retention guarantees—we will notify you at least 30 days prior to those changes taking effect via the email associated with your account.
