Skip to main content

Privacy Policy

Effective Date: March 27, 2026

1. Introduction

BankruptcyOps ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our AI-powered bankruptcy case analysis platform (the "Service").

Important: BankruptcyOps is a software tool used by licensed bankruptcy attorneys. We process case data on behalf of the attorney, not the consumer/debtor. The attorney remains responsible for compliance with all ethical obligations, including attorney-client privilege and confidentiality duties.

2. Information We Collect

2.1 Account Information

When you sign up for BankruptcyOps, we collect:

  • Name and email address
  • Firm name and bar license information (state, license number)
  • Billing address (if upgrading to a paid plan)
  • Payment method information (processed securely by Stripe; we do not store full card details)

2.2 Case Data

To provide the Service, we collect and store case information you submit:

  • Debtor name, date of birth, contact information
  • Income data (employment, other income sources)
  • Household expenses and asset information
  • Debt schedules (creditor names, balances, status)
  • Exemption preferences (state-specific)
  • Chapter election (Ch. 7, 13, or analysis request)

This data may be classified as confidential attorney work product and/or protected by attorney-client privilege. We treat all case data with the highest security standards.

2.3 AI Processing & Analytics

We collect limited usage analytics:

  • Feature usage (which AI tools you run: means test, schedule prep, 341 hearing, Ch. 13 plan)
  • Case count and case statuses
  • Plan tier and billing information
  • General timestamps (account creation, last login, case submission times)

We do NOT collect or analyze the content of individual case decisions, AI memos, or sensitive case details for analytics purposes. Analytics are firm-level only.

2.4 Cookies & Tracking

BankruptcyOps uses Plausible Analytics, a privacy-friendly analytics platform. Plausible is GDPR-compliant and does not use cookies or track individuals across websites. We collect only:

  • Page views and referrer sources
  • Device type and browser (not identifiable to you)
  • General geographic region (country/state level only)

No cookies are set. No personal data is shared with Plausible. You cannot be tracked across other websites.

2.5 Automatically Collected Information

When you access the Service:

  • IP address (for security and abuse prevention only)
  • Browser type and version
  • Device type (desktop, mobile, tablet)
  • Operating system
  • Access times and duration of use

3. How We Use Your Information

3.1 Core Service Delivery

  • Process case data through Claude AI API to generate analysis memos
  • Store case history and AI outputs for retrieval and editing
  • Authenticate and authorize access to your account and cases
  • Maintain account security and prevent unauthorized access

3.2 Billing & Payment

  • Process subscription payments via Stripe
  • Track usage against plan limits (e.g., 5 cases/month on Free tier)
  • Send invoices and billing notifications

3.3 Communication

  • Send transactional emails (account verification, password reset, billing updates)
  • Respond to support inquiries via hello@bankruptcyops.com
  • Send product updates and service notices (opt-out available)

3.4 Analytics & Improvement

  • Analyze trends in feature usage to improve the Service
  • Monitor system performance and identify bugs
  • Understand user behavior patterns (aggregate, non-personal)

3.5 Legal Compliance & Security

  • Comply with law enforcement requests (with appropriate legal process)
  • Detect, investigate, and prevent fraud and abuse
  • Enforce our Terms of Service and other agreements
  • Protect rights, privacy, safety, and property of BankruptcyOps, users, and the public

4. AI Processing & Anthropic Claude API

BankruptcyOps uses the Anthropic Claude API to analyze your case data and generate memos. Here's how this works:

4.1 Data Transmission to Anthropic

When you run an AI analysis (means test, schedule prep, 341 hearing, Ch. 13 plan), your case data is transmitted to Anthropic's servers to be processed by Claude. This transmission is encrypted in transit (TLS 1.3).

4.2 Data Not Used for Model Training

Critical: Your case data is NOT used to train or improve Anthropic's AI models. Per Anthropic's standard API terms, data sent via the API is processed per-request only and is retained by Anthropic for only 30 days for abuse detection and service improvement purposes, after which it is deleted.

See Anthropic's Privacy Policy: https://www.anthropic.com/legal/privacy

4.3 Your Responsibility

You are responsible for ensuring that transmitting case data to Anthropic complies with your jurisdictional ethical rules and client confidentiality obligations. BankruptcyOps processes data on your behalf as a tool; you remain the attorney of record and are responsible for all use of AI output.

4.4 No Legal Advice from AI

Claude's outputs are AI-generated analysis provided to assist you, not legal advice. All AI memos must be reviewed, verified, and approved by you (the licensed attorney) before any use or reliance in client matters.

5. Data Storage & Security

5.1 Database & Hosting

Account and case data is stored in Supabase (PostgreSQL) with Supabase's Row Level Security (RLS) policies enforcing multi-tenant isolation. Data is encrypted at rest using AES-256 encryption. Hosting is via Vercel on AWS infrastructure in US data centers.

5.2 Security Measures

  • All data transmission encrypted (TLS 1.3)
  • Row-level security policies prevent cross-firm data access
  • Passwords hashed with bcrypt (never stored in plaintext)
  • Multi-factor authentication available (via Supabase Auth)
  • Regular security monitoring via Vercel and Supabase
  • No data shared with third parties except Anthropic (for AI processing), Stripe (for payments), and Plausible (for analytics)

5.3 Limitations

While we implement industry-standard security measures, no system is 100% secure. We encourage you to use strong passwords and enable multi-factor authentication on your account.

6. Data Retention

We retain your data as long as your account is active. Upon account deletion or plan cancellation:

  • Case data is retained in our database for 180 days to allow recovery
  • After 180 days, case data is permanently deleted
  • Billing records are retained for 7 years (required for tax and accounting compliance)
  • Analytics records are aggregated and anonymized after 12 months

We recommend exporting your case data before deleting your account.

7. CCPA & Privacy Rights (California Users)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights:

  • Right to Know: You can request what personal information we collect, use, and disclose.
  • Right to Delete: You can request deletion of your personal information (subject to certain exceptions).
  • Right to Opt-Out: You can opt-out of the sale or sharing of your personal information (we do not sell your data).
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, email hello@bankruptcyops.com with your request. We will respond within 45 days.

8. GDPR Compliance (EU Users)

If you are an EU resident, the General Data Protection Regulation (GDPR) provides additional protections:

  • Legal Basis: We process your data under the contract with you (Terms of Service) and our legitimate interests (service improvement and security).
  • Right to Access: You can request a copy of your personal data.
  • Right to Rectification: You can correct inaccurate information.
  • Right to Erasure: You can request deletion of your data.
  • Right to Restrict Processing: You can limit how we use your data.
  • Right to Portability: You can request your data in a portable format.
  • Right to Object: You can object to our use of your data.

To exercise these rights, email hello@bankruptcyops.com. We will respond within 30 days.

9. Third-Party Services

BankruptcyOps integrates with the following third-party services:

9.1 Supabase (Database & Auth)

We use Supabase for account authentication, data storage, and row-level security. Supabase processes your email, password hash, and account metadata. Privacy Policy: https://supabase.com/privacy

9.2 Anthropic (AI Processing)

Case data is sent to Anthropic for AI analysis. Anthropic does not use your data for model training. See Section 4 above and Anthropic's Privacy Policy: https://www.anthropic.com/legal/privacy

9.3 Stripe (Payments)

Payment information is processed by Stripe. We do not store full card details; Stripe handles all payment processing. Privacy Policy: https://stripe.com/privacy

9.4 Vercel (Hosting)

The BankruptcyOps application is hosted on Vercel. Vercel processes server logs and usage data for infrastructure and security purposes. Privacy Policy: https://vercel.com/legal/privacy

9.5 Plausible Analytics (Analytics)

We use Plausible for privacy-friendly analytics. Plausible does not use cookies and is GDPR-compliant. No personal data is shared with Plausible. Privacy Policy: https://plausible.io/privacy

10. Data Breach Notification

In the event of a data breach involving your personal information, we will notify you and affected users via email within 72 hours of discovery (or as required by applicable law) with details about the breach, affected data, and steps we are taking to secure your information.

11. Attorney-Client Privilege Disclaimer

Important: BankruptcyOps is a tool used by the attorney, not the client. The attorney remains responsible for maintaining the confidentiality of case data and ensuring that use of BankruptcyOps complies with attorney-client privilege and all applicable ethical rules.

BankruptcyOps is not a law firm, does not provide legal advice, and is not your attorney. The attorney of record is responsible for all decisions and work product derived from the Service.

12. Children's Privacy

BankruptcyOps is intended for use by licensed attorneys only. We do not knowingly collect information from children (users under 18). If we become aware that a child has provided information, we will delete that information immediately.

13. International Users

BankruptcyOps is hosted in the United States. If you access the Service from outside the US, your data may be transferred to and stored in the United States. By using the Service, you consent to such transfer.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or a prominent notice on the Service. Your continued use of BankruptcyOps after such changes constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact:

Email: hello@bankruptcyops.com

Address: Atlanta, Georgia, USA

We will respond to all inquiries within 30 days.