Trusted by legal professionalsEnterprise inquiries: Schedule a Demo →

CaseClock Logo

Privacy Policy

Effective date: November 01, 2025

Introduction

CaseClock Inc. ("CaseClock," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and protect personal information when you visit our website at https://www.caseclock.ai (the "Site"), use our products and services (the "Services"), or otherwise interact with us.

By using the Site or Services, you consent to the data practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Site or Services.

Scope

This Privacy Policy applies to visitors of the Site and users of our Services. Please note that our Terms of Service and associated Data Protection Addendum govern the extent to which we process personal information as a processor on behalf of our business customers. When we process Customer Data (defined below) on behalf of our business customers, our use of that information is governed by our agreements with those customers, not solely by this Privacy Policy.

Information We Collect

Information You Provide

We collect information you voluntarily provide to us when you interact with the Site or Services, including when you:

  • Register for an account or request a demo
  • Use our voice capture, time entry, or billing features
  • Contact customer support or communicate with us
  • Subscribe to marketing communications
  • Apply for employment with CaseClock

The categories of information we may collect include:

  • Contact Information: Name, email address, phone number, firm or organization name, job title
  • Account Credentials: Username, password, and account settings
  • Professional Information: Practice area, organization size, jurisdiction, bar affiliation
  • Payment Information: Billing contact details, subscription and transaction history. Payment card details are processed by our third-party payment processor and we do not store full card numbers
  • Customer Content: Time entries, billing narratives, voice recordings, transcriptions, client and matter information, work descriptions, files and attachments you upload, and configuration settings
  • Communications: Messages you send to us, feedback, survey responses, event registrations
  • Job Applicant Information: Resume, employment history, education, references, and other application materials

Information Collected Automatically

When you visit the Site or use the Services, we automatically collect certain information about your device and usage, including:

  • Usage Data: Features used, pages viewed, actions taken, dates and times of access, referring and exit pages
  • Device and Technical Information: IP address, browser type and version, device identifiers, operating system, network and connection details

We use cookies, web beacons, log files, and similar tracking technologies to collect this information. Most browsers allow you to manage cookie preferences through their settings. Please note that disabling cookies may limit certain features of the Site or Services.

Information from Other Sources

We may obtain information from:

  • Business customers and account administrators who authorize you to use the Services
  • Integration partners and third-party products you connect with the Services
  • Service providers that support analytics, marketing, payments, and communications
  • Publicly available sources and professional directories

How We Use Information

We use personal information to:

  • Provide and operate the Services: Create and manage accounts, process transactions, provide features, deliver customer support
  • Process Customer Data as a service provider: Handle time entries, billing data, voice transcription, validation, and reporting as directed by business customers
  • Improve the Services: Monitor performance, conduct research and analytics, develop new features, debug and troubleshoot
  • Communicate with you: Send service-related messages, security alerts, administrative notices, respond to inquiries, provide support
  • Marketing: Send newsletters, product updates, and promotional communications where permitted by law (you may opt out at any time)
  • Business operations: Evaluate job applications, manage vendor relationships, conduct business planning
  • Legal compliance and protection: Comply with applicable laws, enforce agreements, protect rights and property, detect and prevent fraud and security incidents

How We Share Information

We do not sell your personal information. We may share personal information in the following circumstances:

  • Service Providers: We share information with service providers that process data on our behalf for hosting, data storage, analytics, email delivery, payment processing, and customer support. These providers are contractually required to protect your information and use it only for authorized purposes
  • Business Customers and Account Administrators: When you use the Services under an account provisioned by a business customer, that customer and its authorized users may access information about your use of the Services
  • Professional Advisors and Partners: We may share information with lawyers, auditors, accountants, and business partners where necessary for the purposes described in this Privacy Policy
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, personal information may be disclosed or transferred, subject to appropriate confidentiality protections
  • Legal and Safety Purposes: We may disclose information to comply with laws, legal processes, governmental requests, enforce our agreements, or protect rights, property, safety, or the public
  • With Your Consent: We may share information when you authorize or direct us to do so, or when you integrate the Services with third-party products

We may share aggregated or de-identified information that does not reasonably identify you for any lawful purpose.

Customer Data and Our Role as Processor

When you use the Services, much of the information you input (such as client and matter details, time entries, billing narratives, and voice recordings) constitutes "Customer Data" that you control as the business customer. For this Customer Data, CaseClock acts as a service provider or processor on your behalf.

Our processing of Customer Data is governed by our Terms of Service and agreements with business customers, not solely by this Privacy Policy. If you have questions about Customer Data we process on behalf of a business customer, please contact that customer directly. We will assist our customers in responding to data subject requests as required by law and our agreements.

Data Security and Infrastructure

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, loss, alteration, or disclosure. Our security measures include:

  • Hosting on Microsoft Azure cloud infrastructure with enterprise-grade security controls
  • Encryption of data in transit using industry-standard protocols (TLS/SSL)
  • Encryption of data at rest where appropriate
  • Access controls, authentication, and role-based permissions
  • Logging and monitoring of systems and access events
  • Regular security assessments and updates
  • Secure development practices and change management procedures
  • Business continuity and disaster recovery planning

Data Residency: We store data on Microsoft Azure servers located in the jurisdiction where our customers operate. For Canadian customers, data is stored on Azure's Canada-based servers. For U.S. customers, data is stored on Azure's U.S.-based servers. For customers in other jurisdictions, we store data on Azure servers located in the corresponding region to comply with local data protection requirements.

While we work continuously to protect your information, no method of transmission or storage is completely secure. You are responsible for keeping your account credentials confidential and promptly notifying us of any unauthorized access to your account.

International Transfers

CaseClock is based in Canada. We use Microsoft Azure infrastructure located in multiple jurisdictions to serve our customers globally. Personal information may be transferred to, stored in, or accessed from jurisdictions with different data protection laws than your home jurisdiction.

Where required by law, we implement appropriate safeguards to protect personal information when transferred across borders, such as contractual protections and technical measures. By using the Site or Services, you understand that your information may be processed in the jurisdiction where you are located and where our infrastructure is deployed.

Data Retention

We retain personal information for as long as reasonably necessary to:

  • Provide the Services and fulfill the purposes described in this Privacy Policy
  • Comply with legal, regulatory, accounting, or reporting requirements
  • Enforce our agreements and resolve disputes

When determining retention periods, we consider the nature and sensitivity of the information, the purposes for which it is processed, whether those purposes can be achieved by other means, and applicable legal requirements.

We may anonymize or aggregate personal information so that it no longer identifies you, in which case we may retain and use this information for any lawful purpose.

Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal information, including:

  • Access: Request confirmation of whether we process your personal information and obtain a copy
  • Correction: Request correction of inaccurate or incomplete personal information
  • Deletion: Request deletion of personal information in certain circumstances, subject to legal and contractual obligations
  • Restriction: Request that we restrict processing of personal information in certain circumstances
  • Objection: Object to certain processing, including for direct marketing purposes
  • Data Portability: Receive personal information you provided in a structured, commonly used format and request transmission to another organization where technically feasible
  • Withdraw Consent: Where we rely on consent, withdraw that consent at any time (without affecting prior lawful processing)

To exercise these rights, contact us at legal@caseclock.ai. We may need to verify your identity before completing your request. We may not be able to fulfill a request where we have a legal or contractual obligation to retain or continue processing the information.

If we process your personal information on behalf of a business customer, we will refer your request to the relevant customer and support them in responding as required by law and our agreements.

You may also have the right to lodge a complaint with the data protection authority or privacy regulator in your jurisdiction.

Marketing Communications

You can opt out of receiving marketing emails from us at any time by clicking the unsubscribe link in our emails or by contacting us at legal@caseclock.ai.

Even if you opt out of marketing communications, we may still send you non-promotional communications related to your account, transactions, or use of the Services, such as security alerts and service updates.

Third-Party Links and Integrations

The Site and Services may contain links to or integrations with third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review their privacy policies.

Children's Privacy

The Site and Services are intended for use by legal professionals and business users and are not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us at legal@caseclock.ai so we can take appropriate steps.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and may provide additional notice, such as by email or through the Services, where required by law.

Your continued use of the Site or Services after changes become effective indicates acceptance of the updated Privacy Policy.

Additional Disclosures for Specific Jurisdictions

California Residents

California Consumer Privacy Act (CCPA): California residents may have rights to know what personal information we collect, the purposes for which we use it, and the categories of third parties with whom we share it. You may also have the right to request deletion of your personal information, subject to certain exceptions.

CaseClock does not sell personal information as the term "sell" is defined under the CCPA.

To exercise your rights under California law, contact us at legal@caseclock.ai.

Shine the Light: California residents may request a list of categories of personal information disclosed to third parties for their direct marketing purposes during the preceding calendar year. To make such a request, please contact us at legal@caseclock.ai with "California Shine the Light Request" in the subject line.

Nevada Residents

Nevada residents may submit a request directing us not to sell certain personal information. We do not sell personal information as defined under Nevada law. If you are a Nevada resident and wish to submit such a request, please contact us at legal@caseclock.ai.

European Economic Area, United Kingdom, and Switzerland

Roles: CaseClock acts as a controller with respect to personal information collected through the Site. For Customer Data processed through the Services, CaseClock generally acts as a processor on behalf of business customers, who are the controllers.

Lawful Basis: Our lawful bases for processing include: (a) performance of a contract with you; (b) compliance with legal obligations; (c) your consent; and (d) our legitimate interests, provided they do not override your rights and interests.

Your Rights: You have the rights described in the "Your Rights and Choices" section above. You also have the right to lodge a complaint with the data protection regulator in your jurisdiction.

Where applicable, we transfer personal data subject to appropriate safeguards, such as standard contractual clauses.

Other Jurisdictions

If you are located in Colorado, Connecticut, Virginia, Utah, or other jurisdictions with specific privacy laws, you may have additional rights regarding your personal information. Please contact us at legal@caseclock.ai for information about exercising your rights.

Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, or if you wish to exercise your rights, please contact us at:

Email: legal@caseclock.ai