Privacy Policy

When you use Clearhavn, you may provide us with:

• Account information — your email address, a hashed password, and your name (optional).
• Case content — events, dates, descriptions, journal entries, custody schedules, party information, witnesses, court orders, and any other information you choose to enter.
• File attachments — photos, screenshots, audio, video, PDFs, and documents you upload to support your records.
• Billing information — if you upgrade to a paid plan, payment is handled by Stripe. We never see or store your full card number.
• Communications — anything you send us by email or in support requests.

We collect a minimal amount of technical information needed to run the service safely:

• Authentication tokens — short-lived JWTs in your browser that keep you logged in.
• Server logs — IP address, request path, status code, and timestamp for each request. Used for security monitoring and debugging. Retained for up to 30 days.
• Error reports — when something goes wrong, we may capture the technical context (browser, page, error message) to fix it.

We do not use third-party advertising trackers, marketing pixels, or behavioral analytics that profile you across the web.

• Database — case content is stored in a managed Postgres database (Neon) in the United States, encrypted at rest and in transit.
• File attachments — uploaded files are stored in Cloudflare R2 object storage. Files are private by default and only accessible via short-lived signed URLs that we generate when you request them.
• Passwords — never stored in plain text. We use bcrypt with a per-account salt.
• PIN codes — if you set a session PIN, it is hashed with bcrypt before storage.

Your case is private by default. By design, the only people who can see your data are:

• You, when you log in to your account.
• People you explicitly invite — for example, an attorney you invite to view your case as a read-only collaborator.
• A small number of Clearhavn engineers, only when investigating a bug, security issue, or support request, and only to the extent necessary.

We do not sell, rent, or share your data with advertisers, brokers, marketers, or other third parties for their own use.

We rely on a small set of vendors to operate the service. Each processes only what is needed to do its job:

• Vercel — application hosting (United States).
• Neon — Postgres database hosting (United States).
• Cloudflare R2 — object storage for file attachments.
• Stripe — payment processing for paid plans. We do not see your full card number.
• Resend — transactional email delivery (password resets, attorney invitations).

• Access and export — you can export your full case as a Markdown chronology, PDF chronology, or court packet (PDF + attached files in a ZIP) at any time, from inside the app.
• Deletion — you can delete individual events, attachments, journal entries, or your entire account from inside the app. Deletion is permanent and removes the underlying data from our database.
• Correction — you can edit any record you create.
• Account closure — email hello@clearhavn.com and we will close your account and delete your data within 30 days.
• Data portability — exports are provided in standard formats (Markdown, PDF, JSON on request) so you can take your records elsewhere.

If you are a resident of California, the EEA, the UK, or another jurisdiction with specific data protection rules, you may have additional rights under local law (such as the right to object, restrict processing, or lodge a complaint with a regulator). Contact us to exercise any of those rights.

We keep your case data as long as your account is active. When you delete an item, it is removed from the database. When you close your account, we delete your data within 30 days, except for limited information we may need to retain for legal or accounting reasons (for example, payment records).

We take reasonable measures to protect your data, including:

• TLS encryption for all connections to and from the service
• Encryption at rest for the database and file storage
• Bcrypt password and PIN hashing
• Short-lived signed URLs for file access (no public links)
• Optional session PIN lock and panic-exit shortcut for at-risk users
• Regular dependency updates and security review

No system is perfectly secure. If you suspect your account has been compromised, change your password immediately and email hello@clearhavn.com.

Clearhavn is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with information, please contact us so we can remove it.

We may update this policy as the service evolves. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify you by email or in the app before the changes take effect.

Questions, requests, or concerns about your privacy? Email us at hello@clearhavn.com.