Privacy Policy
Effective Date: January 28, 2026
Last Updated: February 9, 2026
inchambers.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application, Microsoft Word add-in, and related services (collectively, the "Service"). For more details on our privacy architecture, see our Privacy Architecture page. This policy complies with Microsoft Office Add-in Store requirements, Google OAuth requirements, and Microsoft Azure OAuth requirements.
Our Core Privacy Promise: inchambers.ai is built on a zero-knowledge architecture. Your documents, AI prompts, AI responses, API keys, templates, chat history, and analysis results never touch our servers. All document processing happens entirely on your device.
1. Information We Collect
1.1 Information You Provide
- Account Information: When you register for inchambers.ai, we collect your name, email address, profile picture URL, and country (as provided by Google OAuth or Microsoft Azure OAuth).
- Payment Information: When you subscribe to a paid plan, payment information is processed by our third-party payment processor, Stripe. We store only your Stripe customer ID for subscription management. We do not store your payment card details.
- Contact Form Submissions: If you contact us via a form on our website, we collect the information you submit (name, email, message) along with your IP address for spam prevention.
- Newsletter Subscription: If you subscribe to our newsletter, we collect your email address.
1.2 Information Collected Automatically
- Usage Metrics: We collect aggregate feature usage data consisting of: the feature name used (e.g., "Risk Analysis"), the AI provider and model selected, whether the request succeeded or failed, and a per-user request count. We do not collect the content of your documents, prompts, or AI responses.
- Session Data: We record session duration and activity count (number of actions per session) for understanding engagement patterns.
- Rate-Limiting Data: Your IP address is processed transiently by our Redis-based rate limiter to prevent abuse. This data is held in memory only and is not persisted to any database or log.
1.3 Information We Do NOT Collect
Consistent with our zero-knowledge architecture, we do not collect, store, transmit, or have access to:
- Document Content: The text, data, or content of your Word documents or uploaded files
- AI Prompts and Responses: The prompts you send to AI providers or the responses you receive
- API Keys: Your AI provider API keys, which are encrypted and stored only on your device
- Templates: Personal or clause templates you create or import
- Chat History: Your conversation history with AI assistants
- Analysis Results: Results from Risk Analysis, Redline Analysis, Comments Analysis, Compliance Screening, or any other analysis module
- Device Information: We do not collect your operating system, browser type, or Microsoft Office version
- Page Views or Browsing Patterns: We do not track which pages you visit within the application
- Client or Case Information: Any information about your legal matters, clients, or cases
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Process your transactions and manage your subscription
- Authenticate your identity through Google OAuth or Microsoft Azure OAuth
- Send you technical notices, updates, security alerts, and support messages
- Respond to your comments, questions, and customer service requests
- Monitor aggregate usage trends (feature popularity, tier distribution) to improve the Service
- Enforce rate limits and prevent abuse of the platform proxy
- Detect, prevent, and address fraudulent activity
- Comply with legal obligations and enforce our Terms of Service
3. Third-Party Authentication and OAuth Scopes
3.1 Google OAuth (Sign-In)
When you sign in with Google, we request the following scopes:
- openid, email, profile: To authenticate your identity and retrieve your name, email address, and profile picture.
We comply with Google's OAuth 2.0 policies and limited use requirements. Sign-in does not grant us access to your Google Drive, Gmail, or other Google services.
3.2 Microsoft Azure OAuth (Sign-In)
When you sign in with Microsoft, we request the following scopes:
- openid, profile, email, User.Read: To authenticate your identity and retrieve your name, email address, and profile picture.
We comply with Microsoft identity platform requirements and only request the minimum permissions necessary for authentication.
3.3 Google Drive OAuth (Cloud Sync — Optional, Separate Consent)
If you opt in to Cloud Sync via Google Drive, we request an additional scope:
- drive.appdata: Access only to a hidden application-specific folder in your Google Drive. We cannot read, modify, or access any other files in your Drive.
This scope is requested only when you explicitly enable Cloud Sync in Settings. All data written to Google Drive is encrypted client-side with AES-256-GCM before upload (see Section 4).
3.4 Microsoft OneDrive (Cloud Sync — Optional, Separate Consent)
If you opt in to Cloud Sync via OneDrive, we request an additional scope:
- Files.ReadWrite.AppFolder: Access only to a hidden application-specific folder in your OneDrive. We cannot read, modify, or access any other files in your OneDrive.
This scope is requested only when you explicitly enable Cloud Sync in Settings. All data written to OneDrive is encrypted client-side with AES-256-GCM before upload (see Section 4).
4. Zero-Knowledge Architecture and Data Security
4.1 Zero-Knowledge Design
inchambers.ai is architected so that your sensitive data never reaches our servers. The system operates across four isolated layers:
- Authentication Layer: Our servers validate your identity and subscription status only. No document data passes through this layer.
- Processing Layer: All document analysis, risk assessment, redline comparison, drafting, and other processing happens entirely client-side in your browser or Microsoft Word runtime.
- API Layer: When you use AI features, your device connects directly to the AI provider (OpenAI, Anthropic, Google, xAI, DeepSeek, Mistral, or via OpenRouter) using your own API keys. Our servers are not in this path.
- Storage Layer: Our database stores only billing metadata and aggregate usage counts — never documents, keys, prompts, or responses.
4.2 Platform Proxy (Free Tier)
Free-tier users who do not provide their own API keys may use our platform proxy, which routes AI requests through a Cloudflare Worker to OpenRouter. In this flow:
- Your document content passes through the Worker's memory to reach the AI provider.
- Content is never logged, stored, or persisted by the Worker. It exists only in memory for the duration of the request.
- The Worker enforces rate limits and tracks request counts only (not content).
4.3 Local Data Storage
- API Keys: Encrypted with AES-256-GCM using the WebCrypto API. Encryption keys are stored as non-extractable CryptoKey objects in IndexedDB, making them resistant to XSS attacks.
- Templates, Chat History, Analysis Results: Stored in your browser's IndexedDB, isolated to the inchambers.ai origin. This data never leaves your device unless you opt in to Cloud Sync.
- Preferences: User settings stored in IndexedDB on your device.
4.4 Cloud Sync (Optional, User-Controlled)
You may optionally enable Cloud Sync to back up your local data (documents, chat history, analysis results, templates) to your own Google Drive or OneDrive account. When enabled:
- All data is encrypted client-side with AES-256-GCM before being uploaded to your cloud storage.
- Encryption keys are stored as non-extractable CryptoKey objects in your browser's IndexedDB.
- We cannot decrypt your cloud-synced data. Only your browser, on your device, holds the decryption keys.
- You can choose between three modes: Local Only (default), Cloud Backup, or Cloud First.
- You can disable Cloud Sync and delete your cloud data at any time.
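The client-side encryption described in Sections 4.3 and 4.4, as an added illustration that is not inchambers.ai's own code: an AES-256-GCM key created through WebCrypto as non-extractable, then used to encrypt and decrypt a secret. The function names and the sample API key are constructed for this example, and persisting the CryptoKey object to IndexedDB is omitted.

```javascript
// Added illustration; makeVaultKey, sealSecret, openSecret and demo are hypothetical names.
// Browsers expose crypto globally; older Node falls back to its built-in webcrypto.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;

// AES-256-GCM key with extractable=false: script can use the key but not read its bytes.
async function makeVaultKey() {
  return wc.subtle.generateKey({ name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Fresh 96-bit IV per message; the IV is not secret and is stored beside the ciphertext.
async function sealSecret(key, plaintext) {
  const iv = wc.getRandomValues(new Uint8Array(12));
  const data = new TextEncoder().encode(plaintext);
  const ct = await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, data);
  return { iv, ct: new Uint8Array(ct) };
}

async function openSecret(key, { iv, ct }) {
  const pt = await wc.subtle.decrypt({ name: 'AES-GCM', iv }, key, ct);
  return new TextDecoder().decode(pt);
}

async function demo() {
  const key = await makeVaultKey();
  const sealed = await sealSecret(key, 'sk-constructed-sample-key'); // constructed value
  const roundTrip = await openSecret(key, sealed);

  // Exporting the raw key bytes is refused for a non-extractable key.
  let exportRefused = false;
  try { await wc.subtle.exportKey('raw', key); } catch (e) { exportRefused = true; }

  // GCM is authenticated: one flipped ciphertext bit makes decryption fail.
  const tampered = { iv: sealed.iv, ct: Uint8Array.from(sealed.ct) };
  tampered.ct[0] ^= 1;
  let tamperRejected = false;
  try { await openSecret(key, tampered); } catch (e) { tamperRejected = true; }

  return { roundTrip, extractable: key.extractable, exportRefused, tamperRejected };
}
```

The non-extractable flag blocks reading the key bytes; any script running in the same origin that obtains the key handle can still call decrypt with it, so script-injection defenses such as a Content Security Policy remain necessary alongside it.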
4.5 Security Measures
We implement appropriate technical and organizational measures to protect your information, including:
- TLS 1.2+ encryption for all data in transit
- AES-256-GCM encryption for locally stored API keys and cloud-synced data
- Origin-isolated IndexedDB storage
- OAuth 2.0 with PKCE (Proof Key for Code Exchange) for authentication flows
- JWT-based session management with RS256 signatures
- Regular security assessments and updates
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
5. Data Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
5.1 Service Providers
- Stripe: Payment processing. Stripe receives your payment details directly; we store only your Stripe customer ID.
- Fly.io: Application hosting and database infrastructure for our backend servers.
- Cloudflare: DNS, CDN, and the platform proxy Worker for free-tier AI requests.
- AWS SES: Transactional email delivery (account notifications, password resets).
- Upstash (Redis): Transient rate-limiting data only. No personal information is persisted.
- OpenRouter: AI request routing for free-tier platform proxy and BYOK OpenRouter users. Content passes through in-memory only and is not logged by us.
- AI Service Providers: When you use AI features with your own API keys, your device connects directly to the chosen provider (OpenAI, Anthropic, Google, xAI, DeepSeek, Mistral). We are not a party to this connection.
- Microsoft Azure AI Foundry / Google Vertex AI: For Professional and Enterprise organizations, AI requests may be routed through your organization's managed AI platform. API keys are stored in your cloud account and never shared with inchambers.ai.
5.2 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).
5.3 Business Transfers
If inchambers.ai is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
6. Your Rights and Choices
You have the following rights regarding your information:
6.1 Access and Portability
You can access your account information through your account settings. Your locally stored data (templates, chat history, analysis results) can be exported from your browser's IndexedDB at any time.
6.2 Correction and Update
You can update your account information through your account settings.
6.3 Deletion
- Server-Side Data: You can request deletion of your account and associated data by contacting us at privacy@inchambers.ai. We will delete or anonymize your information within 90 days, except where retention is required by law or for legitimate business purposes.
- Local Data: You can delete all locally stored data (API keys, templates, chat history, analysis results) by clearing your browser's site data for inchambers.ai, or by using the "Clear Data" option in Settings.
- Cloud Sync Data: If you use Cloud Sync, you can delete your encrypted cloud data through Settings or directly from your Google Drive / OneDrive.
6.4 Opt-Out
You can opt out of marketing communications by following the unsubscribe link in emails or updating your communication preferences.
6.5 Withdraw Consent
You can revoke OAuth permissions through your Google or Microsoft account settings at any time. You can disable Cloud Sync at any time in Settings.
7. Data Retention
- Account Data: Retained for as long as your account is active. Upon account deletion, we delete or anonymize your data within 90 days, except where retention is required by law.
- Usage Metrics: Retained for the lifetime of your account to provide analytics and service improvements.
- Rate-Limiting Data: Transient, held in Redis memory only. Automatically expires and is not persisted to disk.
- Password Reset Tokens: Expire after 1 hour and are deleted upon use.
- Local Data: Stored on your device until you clear it. We have no access to this data.
8. Children's Privacy
inchambers.ai is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.
9. International Data Transfers
Your account information may be transferred to and processed in countries other than your country of residence, including countries where our infrastructure providers operate. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to these locations. We ensure appropriate safeguards are in place for any such transfers.
10. Microsoft Office Add-in Compliance
inchambers.ai complies with Microsoft Office Add-in Store privacy requirements:
- Document content is processed entirely client-side within the Word runtime and never reaches our application servers
- When AI features are used, document content is sent directly from your device to the AI provider using your own API keys
- We do not transmit or store document content on our servers
- We do not use document content for advertising or marketing purposes
- We implement appropriate security measures to protect data processed through the add-in
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For material changes, we will provide additional notice (such as an email notification).
12. Contact Us
inchambers.ai
Owned by: Pawan Khatri
All rights reserved.
Email: privacy@inchambers.ai
Data Protection Officer: dpo@inchambers.ai
Website: https://inchambers.ai
13. Jurisdiction-Specific Rights
13.1 European Economic Area (EEA) — GDPR
If you are located in the EEA, we process your personal data under the following legal bases:
- Contract Performance (Art. 6(1)(b)): Processing necessary to provide the Service, including account management and subscription billing.
- Legitimate Interests (Art. 6(1)(f)): Aggregate usage analytics to improve the Service, rate limiting to prevent abuse, and fraud prevention.
- Consent (Art. 6(1)(a)): Marketing communications and optional Cloud Sync. You may withdraw consent at any time.
You have additional rights under the GDPR, including the rights of access, rectification, erasure, restriction of processing, and data portability, and the right to lodge a complaint with a supervisory authority.
13.2 California — CCPA
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You may request deletion of your personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
- We do NOT sell your personal information. We do not share your personal information for cross-context behavioral advertising.
13.3 Canada — PIPEDA
If you are located in Canada, your information may be processed by our Canadian operations, and you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), including the right to access and correct your personal information.
13.4 India — IT Act
If you are located in India, your information is subject to the Information Technology Act, 2000 and associated rules, including the Sensitive Personal Data or Information Rules, 2011.
Grievance Officer: For complaints or concerns under Indian law, contact our Data Protection Officer at dpo@inchambers.ai. We will acknowledge your complaint within 48 hours and resolve it within 30 days.
By using inchambers.ai, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. Please also review our Terms of Service and Disclaimer.