🚀 Exciting news, Contracts.ai is now free to sign up for everyone.
Sign up for free
cross icon

CCPA Compliance Statement

CONTRACTS.AI, Inc. ("Contracts.ai", "we", "us", or "our") is committed to protecting the privacy and security of your personal information. This page describes how Contracts.ai supports compliance with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). It is intended to provide transparency into our data privacy practices for customers, prospects, and partners.
last updated
January 29th, 2026
1. Overview

Contracts.ai is committed to protecting personal information and supporting compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This statement summarizes how Contracts.ai processes personal information in its role as a service provider and the safeguards in place to support customer compliance obligations.

2. Scope

This statement applies to personal information processed by Contracts.ai on behalf of its customers in connection with providing its services, including personal information contained in documents, metadata, and AI-assisted outputs.

3. Roles and Responsibilities
  • Business: Customers of Contracts.ai, with respect to personal information they submit or make available
  • Service Provider / Processor: Contracts.ai, processing personal information solely on documented customer instructions
  • Privacy Oversight: CTO / Engineering Leadership

Contracts.ai does not determine the purposes or means of processing customer personal information beyond providing the contracted services.

4. Categories of Personal Information

Depending on customer use of the platform, Contracts.ai may process the following categories of personal information as defined by CCPA:

  • Identifiers (e.g., name, email address, account identifiers)
  • Commercial information contained within customer documents
  • Internet or electronic network activity information
  • Professional or employment-related information
  • Other personal information included in customer-submitted content

Contracts.ai does not intentionally collect personal information directly from consumers.

5. Purpose Limitation and Use Restrictions

Contracts.ai processes personal information solely for the purpose of providing its services, including:

  • Hosting and processing customer-submitted content
  • Performing AI-assisted analysis and retrieval
  • Maintaining platform functionality, security, and reliability

Contracts.ai does not sell or share personal information for cross-context behavioral advertising purposes.

6. Consumer Rights Support

Contracts.ai supports its customers in responding to verified consumer requests under CCPA/CPRA, including:

  • Right to know
  • Right to delete
  • Right to correct
  • Right to limit use of sensitive personal information
  • Right to opt out of sale or sharing (where applicable)

Requests are fulfilled in accordance with customer instructions and applicable law. Consumers should direct requests to the relevant business (customer) acting as the data controller.

7. Data Security Safeguards

Contracts.ai implements reasonable and appropriate security measures designed to protect personal information, including:

  • Encryption of data in transit using TLS 1.2 or higher
  • Access controls based on least privilege
  • Secure authentication and authorization mechanisms
  • Secure software development lifecycle (SDLC) practices
  • Regular security testing, including third-party penetration testing
8. Retention and Deletion
  • Personal information is retained only as long as necessary to provide the services or as required by law
  • Customers may request deletion of personal information in accordance with contractual terms
9. Subprocessors

Contracts.ai may engage vetted subprocessors to support service delivery, such as cloud infrastructure or AI service providers. Subprocessors are contractually required to process personal information in a manner consistent with CCPA requirements.

A list of subprocessors is available upon request.

10. Incident Response

Contracts.ai maintains an incident response program to detect, respond to, and remediate security incidents involving personal information.

In the event of a data breach, Contracts.ai will notify affected customers in accordance with contractual obligations and applicable law.

11. Governance and Review

This CCPA Compliance Statement is reviewed periodically and updated as necessary to reflect changes in legal or operational requirements.

Detailed privacy and data processing obligations are governed by the Contracts.ai customer agreements and applicable data protection addenda.

12. Contact and Privacy Inquiries

Questions regarding this CCPA Compliance Statement or Contracts.ai privacy practices may be directed to:

Email: hello@contracts.ai

Consumers should submit privacy requests through the relevant customer organization acting as the business under CCPA.

Built with love and care in Silicon Valley, USA
Sign Up
Sign Up
SOC 2 and SOC 3 certified
Company
AboutContactPrivacyTerms
Legal
GDPRCCPAHIPAASubprocessors
Support
hello@contracts.ai
© Contracts AI, Inc. All rights reserved.
Contracts.ai provides technology, not legal services, and its AI generated output is not legal advice, and may contain errors and misstatements or may be incomplete.  Use of Contracts.ai platform does not create an attorney-client relationship.

DISCLAIMER: All logos and trademarks appearing on this website are the property of their respective owners. Their use is for informational purposes only and does not constitute an endorsement, sponsorship, or affiliation.