Last Updated: January 04, 2026

Demandease, Inc. ("Demandease," "we," "us," or "our") operates the website demandease.com (the "Website") and provides an AI-powered software-as-a-service platform (the "Platform") designed to assist personal injury attorneys in managing client information, tracking case details, and generating demand letters (collectively, the "Services").

We respect your privacy and are committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, store, and protect information when you access or use our Website and Services. By using the Website or Services, you consent to the practices described in this Privacy Policy.

If you do not agree with this Privacy Policy, please do not access or use our Website or Services.

We collect information in the following categories:

• Account Information: When you create an account, we collect your name, email address, law firm name, bar license information (for verification), phone number, and billing information.
• User Content: Data you upload or input into the Platform, including client names, contact details, case information, medical records, and other documents related to personal injury cases. This may include sensitive information such as protected health information (PHI) under HIPAA.
• Communications: Information you provide when contacting support, submitting feedback, or otherwise communicating with us.

• Usage Data: Details about your interaction with the Website and Services, such as IP address, browser type, device information, pages visited, time spent on pages, and referral sources.
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to enhance user experience, analyze usage, and provide personalized features. You can manage cookie preferences through your browser settings.

• Payment Processors: We receive billing and transaction information from our third-party payment processors.
• Analytics Providers: Aggregated, anonymized data from third-party analytics services (e.g., Google Analytics).

We use collected information for the following purposes:

• To provide, maintain, and improve the Services (e.g., storing and processing User Content to generate demand letters).
• To process payments and manage subscriptions.
• To communicate with you, including responding to inquiries, providing support, and sending service-related updates.
• To verify eligibility (e.g., confirming you are a licensed attorney).
• To detect, prevent, and address technical issues, fraud, or security risks.
• To comply with legal obligations.
• For internal analytics and research to improve our Services (using anonymized or aggregated data where possible).

We do not use User Content for training AI models or any purpose beyond providing the Services to you.

We do not sell your personal information. We share information only in the following limited circumstances:

• Service Providers: With trusted third-party vendors who assist us in operating the Services (e.g., cloud hosting providers like AWS, payment processors, email services). These providers are contractually obligated to protect your information and use it only for the services they provide to us.
• HIPAA Business Associate Agreement (BAA): If your use involves electronic protected health information (ePHI) and we enter into a BAA with you, sharing will comply with HIPAA requirements.
• Legal Requirements: When required by law, court order, or government request, or to protect our rights, safety, or property.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred (subject to confidentiality obligations).
• With Your Consent: In other cases with your explicit permission.

We do not share User Content (including client data or PHI) with third parties except as necessary to provide the Services or as described above.

We implement reasonable administrative, technical, and physical safeguards to protect your information from unauthorized access, use, or disclosure. These include encryption in transit and at rest, access controls, and regular security assessments.

However, no method of transmission or storage is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

Personal injury law firms are typically not HIPAA "covered entities," but may handle PHI when acting on behalf of covered entities (e.g., healthcare providers).

If your use of the Services involves PHI:

• Demandease is willing to enter into a separate Business Associate Agreement (BAA) upon request, which outlines our HIPAA obligations as a business associate (or subcontractor).
• We will handle electronic PHI (ePHI) in compliance with the BAA and applicable HIPAA Security Rule requirements.
• You remain responsible for determining whether HIPAA applies, obtaining necessary authorizations, and ensuring overall compliance.

If no BAA is in place, we treat all User Content as confidential but do not assume HIPAA-specific obligations.

We retain your personal information and User Content as long as your account is active or as needed to provide the Services. Upon account termination or request, we will delete or anonymize your data, except where retention is required by law or for legitimate business purposes (e.g., backups for disaster recovery).

We provide data export tools to allow you to retrieve your User Content before deletion.

Depending on your location, you may have rights regarding your personal information, such as:

• Access, correction, or deletion of your data.
• Opt-out of certain processing.
• Data portability.

To exercise these rights, contact us at support@demandease.com. We will respond within the timeframes required by applicable law (e.g., CCPA for California residents).

Our Services are not intended for individuals under 18. We do not knowingly collect personal information from children.

Our Services are hosted in the United States. If you access the Services from outside the U.S., your information will be transferred to and processed in the U.S. We use appropriate safeguards for international transfers where required.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Website and updating the "Last Updated" date. Your continued use of the Services constitutes acceptance of the changes.

For questions about this Privacy Policy, HIPAA matters, or to request a Business Associate Agreement, please contact:

Demandease, Inc. Email: support@demandease.com