Marbury Logo

marbury.ai

Marbury Data Processing and Privacy Policy

Effective Date: January 15, 2026

LimineAI, Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our legal Software-as-a-Service (SaaS) platform (the "Service"). This policy is designed to comply with the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

1. Information We Collect

We collect information that falls into the following categories:

1.1. User Generated Content

This includes any information, data, or files you create, upload, or input while using the Service for legal matters.

  • Examples: Matter information (e.g. name, description), client details, uploaded legal documents/files, notes, and AI-generated responses (e.g., summaries, drafts).
  • Purpose: To provide the core functionality of the Service and fulfill contractual obligations.
Note: We maintain strict data isolation. Your User Generated Content for different matters is kept completely separated, and each matter is isolated from others to ensure confidentiality and prevent any data commingling.

1.2. User Configuration

This includes information necessary to set up, manage, and bill your account.

  • Examples: User name, user email address, and account settings.
  • Purpose: Account management, communication, customer support, and processing payment for the Service.

1.3. Operation Metadata

This includes anonymous data generated by your use of the Service. Operation Metadata does not contain personal identifiers or user-identifiable information and is used solely for monitoring performance, usage analysis, service improvement, and customer support.

  • Examples: Storage usage, AI usage, webpage and server metrics, time stamps, browser type, operating system, and IP address (anonymized where feasible).
  • Purpose: Service maintenance, security, capacity planning, usage reporting, and internal analytics.

2. How We Use Your Information

We use the collected information for the following purposes and under the following legal bases:

CategoryPurpose of UseLegal Basis
User Generated ContentProviding the core Service (processing legal matters, storing files, generating AI responses).Contractual Necessity
User ConfigurationAccount setup, service communication, billing, and customer support.Contractual Necessity; Legitimate Interests (customer support)
Operation MetadataService monitoring, security, analytics, and internal capacity planning.Legitimate Interests (improving and securing the Service)
All CategoriesCompliance with legal obligations (e.g., tax, law enforcement requests).Legal Obligation

3. How We Share Your Information

3.1. User Generated Content

Policy: User Generated Content will not be accessed by LimineAI, Inc. employees or shared with any third party, except when legally required (see Section 5.1).

3.2. User Configuration

We may share User Configuration data with third-party service providers for restricted and necessary purposes:

  • Communication: Sharing contact information with email service providers to send service-related notifications and invoices.
  • Legal Compliance: Sharing information when legally required (see Section 5.1).

We ensure that all third parties receiving User Configuration data are bound by data processing agreements that mandate the same level of data protection and security as outlined in this policy.

3.3. Operation Metadata

Operation Metadata is generally used internally. We may access this data and may share it with third parties (e.g., cloud infrastructure providers) for Marbury service improvement:

With user consent: For restricted cases, such as providing customer support or user-requested troubleshooting related to the performance or behavior of the Service.

4. Data Security

We implement reasonable technical, administrative, and physical security measures designed to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, and regular security audits.

  • Data Encryption: Encrypting data both "in transit" (using TLS/SSL) and "at rest" (using AES-256 or similar standards) to protect against unauthorized interception or access to stored data.
  • Role-Based Access Control (RBAC): Implementing controls that ensure users (including LimineAI, Inc. employees) only have access to the minimum data necessary to perform their job functions or use the service.
  • Logical Data Isolation: Structuring the underlying infrastructure to ensure that data belonging to different clients is strictly separated and not commingled, typically through multi-tenant database designs with strict isolation policies.

5. Your Data Protection Rights

5.1. GDPR Rights (for EU residents)

Under the GDPR, you have the right to:

  • Access: Request copies of your personal data.
  • Rectification: Request that we correct any information you believe is inaccurate or incomplete.
  • Erasure (Right to be Forgotten): Request that we erase your personal data, subject to certain exceptions (e.g., legal retention requirements).
  • Restrict Processing: Request that we restrict the processing of your personal data.
  • Object to Processing: Object to our processing of your personal data.
  • Data Portability: Request that we transfer the data we have collected to another organization, or directly to you.
  • Lodge a Complaint: Complain to a supervisory authority about our collection and use of your personal data.

5.2. CCPA/CPRA Rights (for California residents)

Under the CCPA/CPRA, you have the right to:

  • Know/Access: Request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Delete: Request the deletion of personal information we have collected, subject to certain exceptions.
  • Opt-Out of Sale or Sharing: LimineAI, Inc. does not sell or share (as defined by CCPA/CPRA) your personal information, including User Configuration and User Generated Content.
  • Non-Discrimination: Not be discriminated against for exercising any of your CCPA/CPRA rights.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

7. Data Wipeout Request

You may request the complete wipeout (deletion) of your data at any time by contacting us:

Email: support@marbury.ai

We will process your request promptly, subject to any legal obligations requiring us to retain certain information.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date."

9. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: support@marbury.ai

Marbury makes AI easy.

From a world-class team of Google engineers and top AI attorneys looking to build sensible and high-performing AI tools for the modern legal practice. AI that is safe and easy for all legal professionals.