Legal

Privacy Policy

Last Updated: May 19, 2026

ProgressiveDiscovery.ai ("we," "us," or "our") is committed to protecting your privacy and the confidentiality of your information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, use our services, or interact with us in connection with e-discovery and legal technology services.

As a provider of AI-assisted e-discovery services for law firms and corporate legal departments, we handle highly sensitive legal documents and information. The privacy of client matter data is fundamental to our business, and we maintain rigorous security and confidentiality standards that exceed industry norms.

1. Information We Collect

1.1 Information You Provide Directly

  • Contact information (name, email address, phone number, firm/organization name)
  • ECA request form information (matter description, document volume estimates, urgency level)
  • Communication preferences and correspondence
  • Billing and payment information (processed through secure third-party providers)

1.2 Information Collected Automatically

  • Device information (browser type, operating system, device identifiers)
  • Usage data (pages visited, time spent, referring URLs)
  • IP address and general geographic location
  • Cookie data (as described in Section 10)

1.3 Client Matter Data

When you engage our e-discovery services, you may provide us with documents, emails, and other materials containing:

  • Client and customer information
  • Business communications and contracts
  • Confidential business information
  • Personally identifiable information of third parties
  • Attorney-client privileged communications

This matter data is treated with the highest level of confidentiality and subject to strict data processing agreements.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: To provide, maintain, and improve our e-discovery services
  • Communication: To respond to inquiries, send service-related notices, and provide customer support
  • Proposal generation: To prepare ECA proposals and engagement letters based on matter specifications
  • Billing: To process payments and send invoices
  • Security: To detect, prevent, and address fraud, security issues, and unauthorized access
  • Analytics: To understand how users interact with our website and services
  • Legal compliance: To comply with applicable laws, regulations, and legal process

3. Data Processing & Legal Basis

For individuals in the European Economic Area (EEA), we process personal data under the following legal bases as required by the General Data Protection Regulation (GDPR):

Contract Performance (Art. 6(1)(b) GDPR)

Processing necessary to provide our services under the engagement agreement.

Legitimate Interests (Art. 6(1)(f) GDPR)

Processing for security, fraud prevention, and service improvement, where our legitimate interests are not overridden by your data protection interests.

Consent (Art. 6(1)(a) GDPR)

Where you have provided explicit consent for specific processing activities.

Legal Obligation (Art. 6(1)(c) GDPR)

Processing required to comply with applicable laws and legal obligations.

4. Data Security Measures

We implement comprehensive security measures to protect your information, aligned with SOC 2 Type II standards:

Encryption

AES-256 encryption at rest; TLS 1.3 for data in transit

Isolation

Per-matter logical isolation with dedicated encryption keys

Access Controls

Role-based access, multi-factor authentication, principle of least privilege

Audit Logging

Comprehensive access logs and activity monitoring

For detailed security information, please review our Security & Compliance page.

5. Data Retention

We retain your information for the following periods:

Data Type Retention Period
Contact information Duration of relationship + 3 years
ECA request information 2 years from submission
Client matter data As specified in engagement agreement, typically 7 years post-matter
Audit logs 1 year minimum; 7 years for security incidents
Marketing preferences Until you withdraw consent

6. Information Sharing

We do not sell your personal information. We may share information in the following circumstances:

  • Service providers: Trusted third parties who assist in operating our services (hosting, analytics, payment processing), under strict confidentiality agreements
  • Legal requirements: When required by law, court order, or governmental authority
  • Protection of rights: To protect our rights, privacy, safety, or property, and that of our clients or others
  • Business transfers: In connection with a merger, acquisition, or sale of assets
  • With your consent: When you have provided explicit consent for sharing

7. Client Matter Data

Client matter data (documents submitted for e-discovery processing) receives special handling:

  • Confidentiality: All matter data is treated as strictly confidential. Our team signs NDAs before accessing any client materials.
  • Limited access: Only authorized personnel working on your matter can access your data.
  • No cross-contamination: Your documents are never used to train models for other clients.
  • Secure deletion: Upon matter conclusion or client request, data is securely deleted according to certified destruction protocols.

These practices are formalized in our Data Processing Agreement (DPA), which is incorporated into all client engagement agreements.

8. GDPR & International Data Transfers

For individuals in the European Economic Area (EEA), the United Kingdom, and Switzerland:

Data Transfers

If we transfer personal data outside the EEA, we ensure appropriate safeguards through Standard Contractual Clauses (SCCs), adequacy decisions, or other mechanisms recognized under GDPR.

Data Protection Officer

Our Data Protection Officer can be reached at privacy@progressivediscovery.ai

Supervisory Authority

You have the right to lodge a complaint with your local data protection authority if you believe our processing of your personal data violates applicable law.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

Right to Know

Request disclosure of personal information collected, used, disclosed, or sold about you

Right to Delete

Request deletion of personal information collected, subject to certain exceptions

Right to Correct

Request correction of inaccurate personal information

Right to Opt-Out

Opt out of the sale or sharing of personal information (we do not sell personal information)

Right to Limit Use

Limit use of sensitive personal information to that necessary to provide services

To exercise these rights, contact us at privacy@progressivediscovery.ai or call 952.463.8392.

Categories of Personal Information Collected: Identifiers (name, email, phone, IP address); commercial information (service inquiries, engagement history); internet activity (website usage); professional information (firm/organization, role).

10. Cookies & Tracking Technologies

We use cookies and similar technologies for the following purposes:

Type Purpose
Essential Required for website functionality, security, and service delivery
Analytics Help us understand how visitors use our website (e.g., Google Analytics)
Functional Remember your preferences and settings

You can control cookies through your browser settings. Note that disabling essential cookies may impact website functionality.

11. Your Privacy Rights

Regardless of your location, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information (subject to legal retention requirements)
  • Opt out of marketing communications at any time
  • Object to processing based on legitimate interests
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us using the information in Section 13 below.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will:

  • Post the updated policy on this page with a revised "Last Updated" date
  • Provide prominent notice of material changes via email or website notification
  • Obtain consent where required by applicable law

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Phone

952.463.8392

Mail

ProgressiveDiscovery.ai
A Hanson Construction Services AI Venture
Minneapolis, MN | Denver, CO | Las Vegas, NV

ProgressiveDiscovery.ai is a Hanson Construction Services AI venture committed to protecting your privacy and the confidentiality of your legal matter data.