Privacy Policy
Last updated: 26 February 2026
1. Overview
BarristerAI ("the Service") is operated by an individual Australian barrister ("we", "us", or "our"). We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and store your personal information.
2. Information We Collect
We collect the following personal information when you register for and use the Service:
Account Information
- Full name
- Email address
- Password (stored in hashed form only)
- Jurisdiction (e.g. state or territory of practice)
- Role (e.g. Judge, Barrister, Solicitor)
Usage Information
- Search queries and case viewing history
- Feature usage and interaction data
- Daily digest email preferences
Payment Information
If you subscribe to the paid tier, payment information (credit card details, billing address) is collected and processed directly by Stripe. We do not store your full credit card number. We receive only a limited set of billing details from Stripe (such as the last four digits of your card and billing postcode) for account management purposes.
3. How We Use Your Information
We use your personal information for the following purposes:
- Providing the Service: To operate your account, authenticate your sessions, and deliver AI-generated legal research content.
- Personalisation: To tailor case recommendations and search results based on your jurisdiction and role.
- Communications: To send daily digest emails with recent cases relevant to your preferences. You can unsubscribe from digest emails at any time.
- Payment processing: To manage your subscription and billing through Stripe.
- Service improvement: To understand usage patterns and improve the Service.
4. Anonymity of Usage
We do not associate any individual user by name with their activity on the Service. The operators and owners of BarristerAI cannot look up what any particular judge, barrister, solicitor, or other user is searching for, what cases they are viewing, or what their preferences are.
Usage data and preferences are stored against anonymised internal identifiers only. There is no administrative interface or process that allows the operator to query individual user activity by name, email address, or any other personally identifying attribute. Aggregate, non-identifying usage statistics may be used to improve the Service.
5. Cookies and Authentication
The Service uses cookies for authentication purposes. When you sign in, a JSON Web Token (JWT) session cookie is set via NextAuth to maintain your authenticated session. This cookie is essential for the Service to function and cannot be disabled while using an authenticated session. We do not use advertising or third-party tracking cookies.
6. Third-Party Service Providers
We share personal information only with the following third-party service providers, and only to the extent necessary to operate the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Neon (PostgreSQL) | Database hosting | All account and usage data (stored on US servers) |
| Stripe | Payment processing | Name, email, payment details |
| Resend | Transactional and digest emails | Name, email address |
| Anthropic (Claude AI) | AI content generation | Case text for analysis (no personal data) |
We do not sell, rent, or share your personal information with any other third parties.
7. Data Storage and Overseas Disclosure
Your data is stored on Neon PostgreSQL servers located in the United States. By using the Service, you consent to the transfer and storage of your personal information outside of Australia. In accordance with APP 8, we take reasonable steps to ensure that overseas recipients handle your information consistently with the Australian Privacy Principles.
8. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. If you close your account, we will delete your personal information within 30 days, except where we are required to retain it by law or for legitimate business purposes (such as resolving disputes or enforcing our Terms of Service).
9. Your Rights
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the right to:
- Access: Request access to the personal information we hold about you.
- Correction: Request correction of inaccurate or out-of-date personal information.
- Deletion: Request deletion of your personal information. You may do so by contacting us at the email address below or by deleting your account through your account settings.
- Complaint: Lodge a complaint with us if you believe we have breached the APPs. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner.
10. Security
We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Passwords are stored using industry-standard hashing algorithms and are never stored in plain text. All data in transit is encrypted using TLS. However, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.
11. Children
The Service is designed for legal professionals and is not directed at individuals under the age of 18. We do not knowingly collect personal information from children.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service. We encourage you to review this page periodically.
13. Contact
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at support@barrister.ai.
See also our Terms of Service.