Privacy

What we do with your documents, and what we don't.

Effective date: April 15, 2026
Last updated: May 17, 2026

HallucinX is built around a simple privacy commitment: your documents stay yours, and we don't track you. This policy explains what that means in practice.

The short version

  • No marketing cookies. We only set cookies that are strictly necessary to log you in and keep your account secure.
  • No cross-site tracking. We don't run advertising pixels, behavioral analytics, or third-party scripts that follow you across the web.
  • No document retention. For verification, your brief is parsed entirely in your browser — the document itself never reaches our servers. If you also request an annotated brief, the file transits our infrastructure to render the annotations, but is not written to disk, logged, or stored at any layer.

The rest of this policy is the detail behind those commitments.

Who we are

HallucinX is operated by Z-Labs, LLC. If you have privacy questions or want to access, correct, or delete your data, contact privacy@hallucinx.com.

What we collect

We collect only what is necessary to run your account and the service.

Account information. Your email address and authentication credentials, managed by our authentication provider (Clerk). We use this to log you in, send you transactional email (receipts, password resets, security alerts), and contact you about your account.

Billing information. Subscription status, plan, and payment state, managed by our billing provider (Stripe). Your card details are handled directly by the billing provider and never touch our infrastructure.

Usage counters. A count of how many briefs you have verified in the current billing period, used to enforce plan limits. We do not store which briefs you verified, what was in them, or what the verification results were.

Server logs. Standard web server logs (request times, error codes, IP addresses) retained for 30 days for debugging and security purposes, then purged.

We do not collect: the contents of your documents, the citations you verified, the results of your verifications, behavioral analytics, browser fingerprints, advertising identifiers, or location data beyond what is in standard server logs.

How your documents are handled

HallucinX has two flows that touch your brief. They have different privacy properties, and the difference matters.

Verification (the default flow). When you upload a brief, parsing happens entirely in your browser: pdf.js reads text PDFs, tesseract.js runs OCR on scanned PDFs, mammoth reads DOCX. Citation extraction also happens in your browser, via the Pyodide runtime running the eyecite library in a Web Worker. Only the resulting list of citation strings (for example, "Smith v. Jones, 123 F.3d 456") is sent to our server. Our server forwards those strings to our verification engine (Modal), which forwards them to CourtListener's Citation Lookup API. No part of your document — neither the bytes, the extracted text, nor any quoted material — leaves your browser in this flow.

Annotated brief download (optional, user-initiated). If you click "Download annotated brief," the original PDF is sent through our server to the verification engine along with the verification verdicts already produced. The engine renders the annotations and returns the annotated PDF. The bytes transit our infrastructure but are not written to disk, logged, or stored at any layer. Once the response returns to your browser, the bytes are released.

Nothing about your document is written to a database, log file, or any other persistent storage. This is a design property of the system, not a policy we could change without rebuilding the verification engine.

For the professional-responsibility framing behind this design, see Ethics.

Cookies

HallucinX uses only essential cookies:

  • Authentication session cookie (Clerk) — keeps you logged in.
  • CSRF token — protects forms against cross-site request forgery.

Our billing provider may set its own cookies on its own checkout domain when you make a payment. Those cookies are governed by the billing provider's privacy policy and are not under our control.

We do not set or permit any other cookies. We do not use marketing cookies, advertising cookies, behavioral tracking cookies, or third-party analytics cookies.

Third parties we work with

We use the following service providers ("subprocessors") to operate HallucinX. Each of them receives only the data necessary to perform their function.

  • Vercel — hosting and content delivery. Sees standard web server logs. Also proxies the original PDF to Modal when you request an annotated brief. Privacy policy
  • Modal — verification engine compute. For verification, receives citation strings only. For the optional annotated-brief download, receives the original PDF in worker memory and returns an annotated PDF. Nothing is persisted in either case. Privacy policy
  • Clerk — authentication and account management. Privacy policy
  • Stripe — billing and payments. Privacy policy
  • CourtListener (Free Law Project) — citation verification. Receives citation strings only; does not receive your identity, your document, or any other content. Privacy policy
  • jsdelivr (CDN) — delivers the Pyodide runtime and the eyecite Python package (along with reporters-db, courts-db, lxml, and regex) to your browser on first verification. This is a direct browser-to-CDN connection: jsdelivr sees your browser fetching runtime files, but does not see citation strings or document content. Privacy policy

We will update this list when we add or change subprocessors.

How we use your information

We use the information we collect only to:

  • Provide and operate the service
  • Authenticate you and secure your account
  • Process payments and enforce plan limits
  • Send transactional email (receipts, account notices, security alerts)
  • Send occasional product update emails to active users, with an unsubscribe link
  • Comply with legal obligations
  • Investigate and prevent abuse

We do not: sell your data, share your data with advertisers, use your data to train AI models, or run behavioral profiling.

How long we keep your information

  • Account data: for the lifetime of your account, plus 30 days after deletion to allow for recovery and to complete pending operations.
  • Billing records: retained as required by tax and accounting law, typically seven years.
  • Server logs: 30 days, then purged.
  • Usage counters: rolling window aligned with your billing period; historical counts are aggregated and detached from individual activity.
  • Document content: not retained at any point. See "How your documents are handled" above.

Your rights

You have the right to:

  • Access. Ask what personal data we hold about you. For most users this is limited to account email and subscription status.
  • Correct. Ask us to correct inaccurate information. Account email is editable directly in your account settings.
  • Delete. Ask us to delete your account and associated data. Subscription records may be retained as required by tax and accounting law.
  • Export. Ask for a copy of your account data in a portable format.
  • Object to specific uses of your data.
  • Withdraw consent for any processing that depends on consent.
  • Lodge a complaint with a data protection authority in your jurisdiction.

To exercise any of these rights, email privacy@hallucinx.com. We will respond within 30 days.

We do not sell personal information. We do not share personal information with third parties for their own marketing purposes.

If you are in the European Union, the United Kingdom, California, Colorado, Virginia, or another jurisdiction with specific privacy laws, you may have additional rights. Contact us and we will explain how those rights apply to your situation.

Security

We use encryption in transit (TLS) for all connections, encryption at rest for stored account data, and standard operational practices to protect against unauthorized access. The strongest privacy protection in HallucinX is architectural: because we do not retain document content, there is no document content to be exposed in a breach.

No system is perfectly secure. If we ever experience a data breach affecting your information, we will notify you and the relevant authorities as required by law.

Children

HallucinX is designed for use by legal professionals and others who file briefs in court and is not directed to children. We do not knowingly collect information from anyone under 18.

International users

HallucinX is operated from the United States. If you use the service from outside the United States, your information will be processed in the United States and other countries where our subprocessors operate. By using the service, you consent to this processing.

Changes to this policy

We may update this policy from time to time. When we make material changes, we will notify active users by email and update the "Last updated" date at the top of this page. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

Contact

privacy@hallucinx.com — privacy questions, data subject requests, complaints.

For other inquiries, see the contact information on hallucinx.com.