Privacy Policy
Last updated: May 19, 2026
This Privacy Policy explains what information OTT Media Ventures LLC ("Verdix," "we," "us") collects when you use our service, how we use it, and who we share it with.
1. Who this policy applies to
This Privacy Policy applies to two groups:
- Verdix customers — law firms and the attorneys, paralegals, or staff who sign up for a Verdix account.
- End-users of Verdix customers — people who interact with a Verdix-powered chat widget on a law firm's website, or who otherwise have information processed by Verdix on behalf of a customer.
For end-users: the law firm using Verdix is the controller of your information. We process it on their behalf. Please contact them with questions about how they handle your data.
2. Information we collect
Information you provide directly:
- Account information: name, email, phone number, firm name, role.
- Firm information: firm address, website, billing details.
- Content you upload or generate: case files, chat transcripts, demand letters, settlement records, lien tracking data, notes, and any other information you enter into Verdix.
- Payment information: processed by Stripe (we do not store full card numbers).
Information collected automatically:
- Usage data: pages visited, features used, time spent, click patterns.
- Device information: browser, operating system, IP address, screen size.
- Error data: if something breaks, we capture the error and stack trace via Sentry to help us fix bugs.
- Cookies: we use necessary cookies for authentication (Clerk) and to keep you signed in. We do not use advertising or tracking cookies.
From chat widget end-users:
- Information end-users voluntarily share with the AI intake assistant (incident details, contact info, injuries described).
- IP address and browser metadata of the visiting device.
- The URL of the page where the chat widget was loaded.
3. How we use this information
We use your information to:
- Provide, operate, and improve Verdix;
- Generate AI-powered content you request (demand letters, chat responses, summaries);
- Process payments and manage your subscription;
- Communicate with you about your account, billing, and service updates;
- Diagnose and fix bugs;
- Detect, prevent, and address fraud or security issues;
- Comply with legal obligations.
We do not sell your data. We do not share it for advertising. We do not use your case content to train AI models. We do not let third parties access your data for their own purposes.
4. Subprocessors
We use a small set of trusted vendors to run Verdix. Each is bound by contractual obligations to protect your data and use it only to provide services to us.
| Vendor | Purpose | Data |
|---|---|---|
| Vercel | Hosting & content delivery | All app traffic |
| Neon | Database (Postgres) | Account data, firm content, settings |
| Clerk | Authentication | Login credentials, sessions, email |
| Anthropic | AI model (Claude) | Content sent for AI processing. Anthropic does not train on this data per their API terms. |
| Stripe | Payment processing | Billing info, card metadata |
| Sentry | Error monitoring | Stack traces and error context (no session replays) |
We update this list as our infrastructure evolves. Material changes will be communicated.
5. AI processing disclosure
When you use AI features in Verdix, your input is transmitted to Anthropic's API. Anthropic does not use API content to train their models. Conversations are retained transiently for safety review per Anthropic's standard policy.
You should not include information in Verdix that you would not be comfortable having processed by a third-party AI provider. We recommend minimizing sensitive identifiers in AI prompts where possible.
6. Data retention
We retain your account information and content for as long as your account is active. After cancellation, we retain your data for up to 30 days in case you reactivate, then we delete it from active systems. Backups are retained for up to 90 days for disaster recovery purposes and then purged.
We may retain some information longer if required by law, for tax/accounting purposes, or to resolve disputes.
7. Your rights
Depending on where you live, you may have the right to:
- Access your data;
- Correct inaccurate data;
- Delete your data (subject to legal retention requirements);
- Export your data in a machine-readable format;
- Opt out of certain processing.
To exercise any of these rights, contact us at team@verdixlaw.com. We may need to verify your identity before responding.
California residents have additional rights under the CCPA/CPRA. We do not sell personal information and we do not share it for cross-context behavioral advertising.
8. Security
We use industry-standard security practices: encryption in transit (HTTPS), encryption at rest (database-level), access controls, and routine security reviews. No system is 100% secure; if a breach affects your data, we will notify you as required by law.
As discussed in our Terms of Service, Verdix is not currently HIPAA-certified. If you handle Protected Health Information, you are responsible for ensuring its use complies with applicable law.
9. International users
Verdix is operated in the United States. If you access the service from outside the US, your data will be transferred to and processed in the US. By using Verdix, you consent to this transfer.
10. Children
Verdix is not directed at children under 18. We do not knowingly collect information from children. If you believe a child has provided us information, contact us and we will delete it.
11. Changes to this policy
We may update this Privacy Policy. Material changes will be communicated via email or in-app notice. The "Last updated" date at the top will always reflect when the policy was last revised.
12. Contact
Questions about this Privacy Policy? Reach us at: