1. Scope

This Privacy Policy applies to: visitors to our website; individuals who create or use a Sqaro account; users who upload, view, analyze, manage, or share documents through Sqaro; and individuals who communicate with us for support, sales, billing, or other inquiries. This Privacy Policy does not apply to third-party websites, products, or services that are not owned or controlled by Sqaro, even if they are linked from our Services.

2. The Information We Collect

We collect information in the following categories:

A. Information You Provide Directly: your name; email address; password or authentication credentials; firm or organization name; billing information; account profile details; support requests, messages, and other communications; documents, files, text, and other materials uploaded to the Services; prompts, questions, instructions, edits, comments, and other content submitted when using AI-assisted features.

B. Information Collected Automatically: IP address; browser type and version; device identifiers; operating system; referring URLs; pages or screens viewed; time spent in the Services; dates and times of access; error logs, performance logs, and diagnostic information; general usage activity within the Services.

C. Information From Payments and Transactions: If you purchase a paid plan, subscription, or add-on, payment-related information may be collected and processed by our payment processor. We do not store full payment card numbers on our own systems.

D. Information Generated Through Use of the Services: analysis results; summaries; issue flags; clause extractions; highlights; metadata about documents; workspace history; account usage metrics; subscription and plan usage data.

3. Categories of Sensitive or Confidential Data

Because Sqaro is designed for document workflows that may involve legal or business-sensitive materials, users may upload content that contains confidential, proprietary, regulated, or personal information. You are solely responsible for: ensuring you have the legal right to upload, submit, or process such data through the Services; determining whether the Services are appropriate for the type of information you choose to submit; complying with all confidentiality, privacy, court, contractual, and professional-responsibility obligations that apply to your use of the Services. Unless expressly agreed in writing, Sqaro does not represent that the Services are designed for any specific regulated-data use case, certification regime, or legal privilege requirement.

4. How We Use Information

We may use information we collect to: provide, operate, maintain, secure, and improve the Services; create and manage accounts; authenticate users and control access; store and retrieve uploaded files and associated metadata; generate AI-assisted document analysis, summaries, highlights, clause extractions, risk flags, and related outputs; support document review, collaboration, and workflow functionality; process subscriptions, invoices, and payments; provide customer support and respond to inquiries; detect, investigate, and prevent fraud, abuse, unauthorized access, and other security issues; enforce our Terms of Service and other legal rights; comply with legal obligations; perform internal analytics, troubleshooting, debugging, quality assurance, and product development; send service-related notices, transactional messages, and administrative communications. We may also use data in aggregated or de-identified form for lawful business purposes, provided that such data does not reasonably identify an individual or customer.

5. AI and Document Analysis

Sqaro uses automated and AI-assisted systems to help analyze user-submitted documents and related inputs. These features may process uploaded document text, extracted text and metadata, prompts and user instructions, and context windows and excerpts necessary to generate outputs. AI-generated outputs may contain errors, omissions, or inaccurate interpretations. Users are responsible for reviewing all outputs and exercising independent professional judgment before relying on them. We may store submitted prompts, extracted text, generated outputs, and related metadata as part of providing the Services. We do not sell uploaded document content or personal information to third parties.

6. Legal Bases for Processing

If and to the extent applicable under relevant privacy laws, we process personal information on one or more of the following bases: performance of a contract; legitimate interests; compliance with legal obligations; consent, where required by law. Our legitimate interests may include operating the Services, securing the platform, improving functionality, supporting customers, preventing fraud, enforcing our rights, and developing the business in a responsible manner.

7. How We Share Information

We may share information in the following circumstances:

A. Service Providers and Infrastructure Providers: We may share information with vendors, subprocessors, and service providers that perform services on our behalf, such as cloud hosting and infrastructure providers, authentication providers, database and storage providers, AI and machine learning providers, payment processors, communications and support providers, and analytics, logging, and security vendors.

B. Within Your Organization: If you use Sqaro through a firm, company, or other organization account, certain information may be accessible to authorized administrators or other authorized users within that organization.

C. Legal and Compliance Disclosures: We may disclose information if we believe in good faith that doing so is necessary to comply with applicable law, regulation, legal process, or governmental request; protect the rights, safety, security, property, or interests of Sqaro, our users, or others; detect, prevent, or address fraud, abuse, security incidents, or technical issues; or enforce our agreements.

D. Corporate Transactions: We may disclose information in connection with an actual or proposed merger, acquisition, financing, asset sale, restructuring, bankruptcy, or similar business transaction.

E. With Your Direction: We may share information with third parties when you direct us to do so or otherwise consent.

8. Third-Party Service Providers

Sqaro relies on third-party providers to operate the Services, including Google and Firebase services for authentication, storage, databases, and AI infrastructure, and Stripe for billing and payment processing. Each third-party provider's handling of data is governed by its own terms, policies, and contractual commitments. We are not responsible for the independent privacy or security practices of third parties except to the extent required by applicable law.

9. Payment Processing

Payments are processed by Stripe. We do not store full card details on Sqaro systems.

10. Data Retention

We retain personal information and customer data for as long as reasonably necessary to provide the Services, maintain accounts and workspaces, preserve history, logs, and operational records, comply with legal, tax, accounting, or regulatory obligations, resolve disputes, enforce agreements, and protect against fraud, abuse, or security risks. Retention periods may vary depending on the type of information, the nature of the account, customer instructions, legal requirements, and operational necessity. We may delete or de-identify data when it is no longer reasonably necessary for the purposes described in this Privacy Policy.

11. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, destruction, loss, misuse, or alteration. Our infrastructure relies on access controls, authentication, role-based restrictions, database and storage rules, logging, and related cloud security features. However, no system or transmission method is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your credentials and for using the Services in a secure manner.

12. International Data Transfers

Your information may be stored, processed, or transferred in the United States or other jurisdictions where we or our service providers operate. If you access the Services from outside the United States, you understand that your information may be transferred to and processed in countries that may not provide the same level of data protection as your home jurisdiction, subject to applicable legal safeguards where required.

13. Your Privacy Rights

Depending on your location and applicable law, you may have rights regarding your personal information, including the right to: access personal information we hold about you; request correction of inaccurate information; request deletion of certain information; object to or restrict certain processing; withdraw consent where processing is based on consent; request portability of certain data; and appeal a privacy-rights decision where applicable. We may need to verify your identity before responding to a request. To exercise applicable privacy rights, contact us at support@sqaro.co.

14. California and Other U.S. State Privacy Disclosures

If applicable law requires, residents of certain U.S. states may have additional rights relating to access, deletion, correction, portability, and opt-out rights. Sqaro does not sell personal information for money. Sqaro also does not share personal information for cross-context behavioral advertising unless expressly stated otherwise in a separate notice. If required by applicable law, we will honor valid requests to exercise state privacy rights.

15. Cookies and Similar Technologies

We may use cookies, local storage, session storage, pixels, and similar technologies to keep users signed in, remember preferences, maintain session integrity, analyze usage, improve performance and reliability, and support security and fraud prevention. You may be able to control certain cookie settings through your browser or device settings. Disabling some technologies may affect functionality.

16. Children's Privacy

The Services are intended for business and professional use and are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information without appropriate authorization, we will take reasonable steps to delete it.

17. Customer Responsibility for Submitted Content

You represent and warrant that you have all rights, permissions, notices, and legal bases necessary to provide any personal information, document, file, or other content you submit to the Services. You are responsible for your use of the Services, your decision to upload or process any content, complying with all confidentiality, secrecy, employment, contractual, and professional obligations applicable to your data, and reviewing AI-generated outputs before acting on them.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by posting the updated version on our website, through the Services, by email, or by other reasonable means. Your continued use of the Services after the updated Privacy Policy becomes effective constitutes your acknowledgment of the revised policy, to the extent permitted by law.

19. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our privacy practices, contact us at:

Sqaro LLC Saint Clair Shores, MI 48082 Email: support@sqaro.co