Privacy Policy

Advottic ("we", "us") is operated by Techno Optics LLC. Contact: contact@technooptics.com.

• Account info: email address (and optional name, role, organization, avatar URL) when you sign in via Google, Microsoft, or email magic link.
• Case content you create: case files, descriptions, exhibits (file uploads with metadata you provide), AI-generated reviews, and exhibit plans.
• Collaborators: emails you enter to invite collaborators to your cases.
• Billing: if you subscribe, a Stripe customer ID and subscription status. We never see or store your card details - Stripe handles those directly.
• Operational logs: IP addresses on AI requests for rate limiting and standard server logs from our hosting provider.

• Contract: providing the service you signed up for (case organization, AI review, exports).
• Legitimate interests: securing the platform, preventing abuse, keeping the service running.
• Consent: optional analytics and profile customizations.
• Legal obligation: tax records for paid subscriptions; responses to valid legal process.

We share the minimum data needed with these third parties to run the service:

• Vercel - hosting + edge network.
• Supabase - authentication, database (Postgres), file storage.
• Anthropic - AI processing for case review, defense planning, and Bella. Inputs are sent over TLS and not used to train Anthropic models per Anthropic's commercial terms.
• Stripe - subscription billing for paid plans.

You can exercise these rights at any time, free of charge:

• Access & portability: export your data as JSON from the Profile page.
• Rectification: edit your profile / case data directly in the app.
• Erasure: delete your account from the Profile page. This deletes all cases, exhibits, reviews, and your authentication record. Stripe billing history is retained as required by law.
• Restriction / objection: email us to pause specific processing.
• Complaint: lodge a complaint with your local data-protection authority.

We keep your data for as long as your account is active. When you delete your account we erase the records described above immediately, except where law requires retention (for example, billing records).

• All traffic is encrypted in transit (TLS).
• Database and storage at rest are encrypted by Supabase.
• Row-level security policies ensure users can only read and modify their own cases (and shared collaborator cases).
• Server-side actions are CSRF-protected via Next.js' built-in mechanisms.
• HSTS, frame-deny, and strict referrer headers are enforced site-wide.

We use essential cookies only - to keep you signed in. We do not use advertising or third-party tracking cookies.

We'll post material changes to this policy on this page and update the date at the top.

Email contact@technooptics.com for any privacy-related question or to exercise a right above.