Privacy Policy

Last updated: April 22, 2026

ClaimHour ("we", "our", "us") operates claimhour.com and the ClaimHour desktop and mobile apps. This page explains what data we collect, why, and how you can control it. We are built for lawyers — privacy is not a marketing word here, it's the product.

Note: nothing on this site or in the ClaimHour app constitutes legal advice. Consult your state bar's advisory opinions on third-party software before adopting any tool in your practice.

1. What we collect

• Email address — when you join the waitlist or sign up, so we can contact you about the product.
• Event metadata — call duration, counterparty phone number or email address (hashed locally before any cloud sync), document filename patterns, edit-session start/end timestamps. Used to build the billable-moment draft entries you review.
• Usage data — which features you open, session duration in the app, error reports. Used to improve the product.
• Device info — OS version, app version, approximate location (country level) inferred from IP.
• Communications — emails you send us and our replies.

We do not collect: audio recordings, email bodies, document contents, client names (unless you type them into a description field), financial information, government IDs, health data, or information from children under 16.

2. Why we collect it

• To provide the billable-moment capture service you signed up for.
• To notify you about product updates and early-access availability (you can opt out at any time).
• To fix bugs and improve features based on aggregate usage patterns.
• To comply with legal obligations (tax records, anti-fraud, etc.).

3. Where your data lives

Event metadata stays on your device by default. Nothing leaves your Mac or iPhone until you explicitly export a time entry to your billing tool. We do not operate a cloud sync service for event data in v1.

Waitlist and account data (email, password hash, plan) is stored on our own VPS in the EU. We do not use third-party data warehouses, analytics SaaS, or customer data platforms.

4. Who we share with

We share the minimum necessary data with these categories of processors:

• Payment processing (Stripe) — if you upgrade to a paid plan. We never store your card details.

We do not sell your data. Ever. We do not share it with advertisers. We do not use any third-party analytics, ad networks, session-replay tools, or tag managers on this website.

5. Attorney–client privilege

ClaimHour is designed to function as a local timekeeping aid. We do not record, transmit, or store the contents of privileged communications. Metadata (call duration, counterparty number) is treated by most state bars the same way a paper time log is. You remain solely responsible for compliance with your jurisdiction's rules of professional conduct.

6. Cookies

On claimhour.com we use one first-party cookie for session management if you log in. No third-party tracking cookies. No tag manager. No analytics script.

7. Your rights

Under GDPR (if you're in the EU), CCPA (if you're a California resident), and similar laws elsewhere, you have the right to:

• Access — request a copy of everything we have on you.
• Correction — ask us to fix incorrect data.
• Deletion — ask us to delete your data ("right to be forgotten"). We'll comply within 30 days unless legally required to retain (e.g. tax records).
• Portability — get your data in a machine-readable format.
• Objection — opt out of any processing based on legitimate interest.

Email privacy@claimhour.com to exercise any of these rights.

8. Data retention

Account data is kept while you have an account, plus 30 days after deletion for backup recovery. Waitlist entries are retained until you unsubscribe. Event metadata lives on your device until you delete it.

9. Security

Data in transit uses HTTPS with modern TLS. On-device data is stored inside the app's sandboxed container. Access to production systems is limited to the operator. We are not perfect; if a breach affects you, we will notify you within 72 hours.

10. International transfers

Our servers are in the EU. If you access the service from outside the EU, your data may be transferred to and processed in the EU — which has strong privacy laws.

11. Not a HIPAA covered entity

ClaimHour is built for legal practice, not healthcare. We do not accept protected health information (PHI) and are not a HIPAA business associate.

12. Changes

We'll update this page if material things change. If we do, we'll notify registered users by email at least 14 days before the change takes effect.

13. Contact

Questions? Email privacy@claimhour.com. We reply within 2 business days.