Legal
Privacy Policy
Last updated: June 20, 2026
1. Introduction
Thothii ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service at thothii.com.
By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Information You Provide Directly
Account information — name, email address, password, job title, firm name
Payment information — credit card details (processed securely by Stripe — we never store raw card data)
Profile information — firm profile, contact details
Document content — text and inputs you provide to generate legal documents
Communications — messages you send to our support team
Coupon codes — promotional codes used during signup or upgrade
2.2 Information Collected Automatically
Usage data — pages visited, features used, documents generated, time spent
Device information — browser type, operating system, device type
IP address — used for security, rate limiting, and fraud prevention
Cookies and tracking — see our Cookie Policy for details
UTM parameters — source, medium, and campaign data from marketing links
2.3 Information from Third Parties
Stripe — payment status, subscription details, billing history
Anthropic — AI model usage data (no document content is stored by Anthropic beyond processing)
3. How We Use Your Information
We use your information to:
3.1 Provide the Service — create and manage your account, generate documents, process payments
3.2 Communicate with you — send account notifications, trial reminders, payment receipts, product updates, and support responses
3.3 Improve the Service — analyze usage patterns, fix bugs, develop new features
3.4 Security & fraud prevention — detect and prevent unauthorized access, abuse, and fraudulent activity
3.5 Legal compliance — comply with applicable laws, regulations, and legal processes
3.6 Marketing — send promotional communications (you can opt out at any time)
3.7 Analytics — understand how users interact with the Service to improve user experience
4. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:
Processing Activity | Legal Basis |
|---|---|
Account creation and management | Contract performance |
Payment processing | Contract performance |
Sending transactional emails | Contract performance |
Security and fraud prevention | Legitimate interests |
Analytics and improvement | Legitimate interests |
Marketing communications | Consent |
Legal compliance | Legal obligation |
5. How We Share Your Information
We do not sell your personal data. We share your information only in the following circumstances:
5.1 Service Providers
We share data with trusted third-party providers who help us operate the Service:
Provider | Purpose | Privacy Policy |
|---|---|---|
Stripe | Payment processing | stripe.com/privacy |
Anthropic | AI document generation | anthropic.com/privacy |
Resend | Email delivery | resend.com/privacy |
Vercel | Hosting and infrastructure | vercel.com/legal/privacy-policy |
Neon | Database hosting | neon.tech/privacy-policy |
Sentry | Error monitoring | sentry.io/privacy |
All service providers are contractually obligated to protect your data and use it only for the purposes we specify.
5.2 Legal Requirements
We may disclose your information if required by law, court order, or government authority, or to protect the rights, property, or safety of Thothii, our users, or the public.
5.3 Business Transfers
If Thothii is acquired, merged, or sold, your information may be transferred to the new owner. You will be notified of any such change via email.
5.4 With Your Consent
We may share your information with third parties when you have given us explicit consent to do so.
6. Data Retention
Data Type | Retention Period |
|---|---|
Account data | Until account deletion + 30 days |
Generated documents | Until account deletion |
Payment records | 7 years (legal/tax requirement) |
Support communications | 3 years |
Usage analytics | 2 years |
Deleted account data | Permanently deleted after 7-day grace period |
After the applicable retention period, your data is securely deleted or anonymized.
7. Data Security
We implement industry-standard security measures to protect your data:
Encryption in transit — all data transmitted using TLS/HTTPS
Encryption at rest — all stored data is encrypted
Access controls — strict role-based access to user data
Regular security audits — ongoing vulnerability assessments
Rate limiting — protection against brute force attacks
However, no system is completely secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our reasonable control. In the event of a data breach, we will notify affected users as required by applicable law.
8. Your Rights
Depending on your location you may have the following rights:
8.1 All Users
Access — request a copy of your personal data
Correction — update inaccurate or incomplete data
Deletion — request deletion of your account and data
Portability — receive your data in a portable format
Opt-out — unsubscribe from marketing emails at any time
8.2 EEA/UK Users (GDPR)
Right to restrict processing — limit how we use your data
Right to object — object to processing based on legitimate interests
Right to withdraw consent — withdraw consent at any time
Right to lodge a complaint — with your local data protection authority
8.3 California Users (CCPA)
Right to know — what personal information we collect and how we use it
Right to delete — request deletion of your personal information
Right to opt-out — we do not sell personal information
Right to non-discrimination — we will not discriminate against you for exercising your rights
To exercise any of these rights contact us at privacy@thothii.com. We will respond within 30 days.
9. Cookies
We use cookies and similar tracking technologies to operate and improve the Service. For detailed information see our Cookie Policy at thothii.com/legal/cookies.
10. Children's Privacy
The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected data from a child under 18 we will delete it immediately. If you believe we have collected such data please contact us at privacy@thothii.com.
11. International Data Transfers
Thothii is based in the United States. If you access the Service from outside the US your data may be transferred to and processed in the US. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.
12. Third-Party Links
The Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.
13. AI & Document Content
13.1 Documents you generate using Thothii are stored securely in your account and accessible only by you and authorized firm members.
13.2 Your document inputs are sent to Anthropic's API for processing. Anthropic does not store your document content beyond the time needed to generate the response. See Anthropic's privacy policy at anthropic.com/privacy.
13.3 Thothii does not use your document content to train AI models.
13.4 You are responsible for ensuring that any personal data included in documents you generate complies with applicable privacy laws.
14. Marketing Communications
14.1 We may send you marketing emails about new features, tips, and promotions.
14.2 You can opt out of marketing emails at any time by clicking "Unsubscribe" in any email or contacting us at support@thothii.com.
14.3 You cannot opt out of transactional emails such as account notifications, payment receipts, and trial reminders as these are necessary to provide the Service.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.
16. Contact Us
For privacy questions, requests, or concerns:
Thothii Privacy Team
Email: privacy@thothii.com
Support: support@thothii.com
Website: thothii.com/legal/privacy
We aim to respond to all privacy requests within 30 days.