1. Data residency in India
All Legalese data is stored on Google Cloud Platform's Mumbai (asia-south1) region. Your case files, drafts, client records, and uploaded documents never leave India. We do not operate any production infrastructure outside India, and we do not replicate data to overseas regions.
The WhatsApp Business messages you send to the Vakil command center flow through Meta's WhatsApp Cloud API, which is hosted on Meta infrastructure. Meta's data handling is governed by Meta's policies and by your WhatsApp Business opt-in.
2. Encryption
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). This applies to documents in your case files, drafts in your editor, files in your storage bucket, and messages exchanged with the WhatsApp Command Center.
Encryption keys are managed by Google Cloud KMS. Legalese staff do not have direct access to your decrypted content unless required for explicit support cases, in which case access is logged and audited.
3. AI training policy
We never use your data to train AI models. Your drafts, case files, judgments, and WhatsApp messages with the Vakil command center are not used to fine-tune or improve any AI model.
When you use AI features (drafting, research, summarisation, the WhatsApp command center), your data is sent to established commercial LLM providers under their API terms. These providers' commercial terms do not train on API inputs, and we have reviewed the data-handling terms of every provider we use.
We select the LLM provider per task based on quality and reliability, and the same no-training policy applies regardless of which provider handles your request.
4. AI inference: what happens to a request
- You submit a request (draft, summary, question, command).
- Your request is sent to the LLM provider over TLS.
- The provider returns a response.
- The response is stored in your account (if relevant).
- The provider does not retain the request or response for training, per their commercial terms.
Word credits are deducted for every AI call. On failure, the credits are refunded automatically.
5. WhatsApp Command Center data handling
When you message the Legalese Vakil command center on WhatsApp, your messages are processed by an LLM agent with 13 tools (case management, drafting, research, agenda). The LLM provider processes your message under the no-training policy above.
The WhatsApp Business API is provided by Meta. Meta's data handling is governed by Meta's WhatsApp Business Policy. We collect your phone number, opt-in status, and message content only as needed to provide the service.
You can opt out of the WhatsApp command center at any time by messaging STOP. Your phone number will be removed from our messaging system within 24 hours.
6. Compliance with Indian law
Legalese is operated by SIRUGA DEEPMIND TECH (OPC) PRIVATE LIMITED, an Indian company registered in Hyderabad, Telangana. We comply with:
- The Information Technology Act, 2000
- The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
- The Digital Personal Data Protection Act, 2023
Our Grievance Officer is Rudra P, reachable at rudra@legalesepro.com or +91 9966571796. Grievances are acknowledged within 48 hours and resolved within 15 days.
7. Infrastructure
Legalese runs on enterprise cloud infrastructure hosted in India (Mumbai region), with databases, file storage, and backups kept in-region. Authentication, payments, and messaging are handled by established, compliance-certified providers.
AI inference uses commercial large-language-model APIs under contracts that prohibit training on your data (see section 3).
A detailed list of sub-processors and providers is available to enterprise customers on request — get in touch.
8. Incident reporting
If you discover a security issue in Legalese, please report it to security@legalesepro.com. We commit to acknowledging reports within 48 hours and to working with reporters in good faith on responsible disclosure.