Privacy Policy
Civis Agent
This Privacy Policy describes how Civis Agent (“we,” “us,” or “our”) collects, uses, and protects information when you use our web application at app.civisagent.com. Civis Agent is currently operating as an unincorporated entity. This policy will be updated when a legal entity is established.
This document is a working draft pending legal review. If you have questions about our privacy practices, contact us at hello@civisagent.com.
1. Who This Policy Applies To
This policy applies to law firms and their staff — attorneys and paralegals — who access Civis Agent through an invitation-based account. It covers all information collected through our web application at app.civisagent.com.
Civis Agent is a business-to-business service. We do not offer services directly to immigration applicants or members of the public. If you are an immigration applicant whose information has been entered into Civis Agent by your attorney or paralegal, your information is handled under the direction of that law firm. Your attorney or paralegal is responsible for informing you about the tools used in your representation.
2. Information We Collect
Account information
When a law firm is onboarded and team members accept invitations, we collect names and email addresses. This information is provided to us directly by the Civis admin who sets up the firm or by the firm owner who invites team members. No account can be created without an explicit invitation — there is no open registration.
Authentication information
We use Google and Microsoft OAuth for sign-in. We do not store passwords. When you sign in, we receive your email address and a unique identifier from Google or Microsoft confirming your identity. We do not receive or store your Google or Microsoft password.
Case information
Attorneys and paralegals enter immigration case information into Civis Agent — including client names, immigration history, family relationships, employment details, financial information, and supporting documentation references. This information is entered by law firm staff in the course of preparing immigration cases on behalf of their clients.
Sensitive personal information
Certain fields in Civis Agent are designated as sensitive — including Social Security Numbers, Alien Registration Numbers, USCIS Account Numbers, passport numbers, and travel document numbers. These fields are stored directly in our database through a dedicated secure entry interface and are never processed by our AI systems. See Section 5 for a full description of how sensitive fields are protected.
Usage information
We collect standard technical information about how the application is used — including pages visited, actions taken, and session timestamps. This information is used to operate and improve the product.
3. How We Use Information
We use the information we collect to:
- Operate and provide the Civis Agent service to law firms
- Authenticate users and maintain secure sessions
- Process case information through our AI-assisted preparation pipeline
- Send invitation emails and service communications
- Respond to support requests
- Improve and maintain the product
We do not use case information or client data to train AI models. Case data entered into Civis Agent is processed by our AI systems solely to assist with case preparation for the law firm that entered it. It is not used for any other purpose.
We do not sell personal information to third parties. We do not use personal information for advertising purposes.
4. Third Party Services
Civis Agent uses the following third-party services that may handle user or case data:
OpenAI
We use OpenAI's API to power AI-assisted case preparation features. Case narratives and case facts are processed through OpenAI's API to extract information, determine required forms, and identify outstanding fields. Sensitive fields — including Social Security Numbers, Alien Registration Numbers, passport numbers, and USCIS Account Numbers — are never sent to OpenAI under any circumstances. OpenAI processes non-sensitive case data under their API data usage policies. OpenAI does not use API data to train their models by default. For more information, see OpenAI's privacy policy at openai.com/privacy.
Supabase
We use Supabase as our database service. All case data, user account information, and application data are stored in Supabase-managed infrastructure. All data is stored in the United States. Supabase employs industry-standard security controls for data storage and access. For more information, see Supabase's privacy policy at supabase.com/privacy.
Google and Microsoft
We use Google and Microsoft OAuth for authentication. When you sign in, your browser communicates with Google or Microsoft to confirm your identity. We receive only your email address and a unique identifier. We do not receive access to your Google or Microsoft account, files, or other data. For more information, see Google's privacy policy at policies.google.com and Microsoft's privacy policy at privacy.microsoft.com.
5. Data Storage and Security
All data processed and stored by Civis Agent is located in the United States.
Sensitive field protection
Immigration case data includes highly sensitive personal information — Social Security Numbers, Alien Registration Numbers, USCIS Account Numbers, passport numbers, and travel document numbers. We treat these fields differently from all other case data.
All sensitive fields across the immigration forms we support are explicitly identified at the schema level. These fields are never sent to or processed by our AI systems under any circumstances. They are entered through a dedicated secure entry interface, stored directly in our database, and isolated from the AI-assisted case preparation pipeline through multiple independent enforcement points. If a user inadvertently enters sensitive information through a non-secure channel, the system detects it, blocks it from being saved, and directs the user to the correct entry method.
Every write to a sensitive field is logged — recording the field accessed, the case, and the timestamp, but never the value itself. This creates a complete audit trail of sensitive data access without exposing the data in logs.
Access controls
Access to Civis Agent is invitation-only. No account can be created without an explicit invitation from a Civis admin or firm owner. Authentication uses Google and Microsoft OAuth exclusively — no passwords are stored in our system.
Sessions expire after 15 minutes of inactivity and after 8 hours of continuous use regardless of activity, requiring re-authentication via SSO. Because re-authentication uses your existing Google or Microsoft session, the experience is typically a single click.
Case visibility is enforced at both the application layer and the database layer. An attorney can only see cases belonging to their assigned paralegals. A paralegal can only see their own cases. These rules are enforced independently at both layers — a bypass at one layer is caught by the other.
Defense in depth
Our security architecture uses multiple independent layers of enforcement rather than relying on any single control. Sensitive field filtering, AI pipeline guards, database write protection, application-level access checks, and database-layer row security policies all operate independently. These layers are designed so that a failure in any single control does not by itself expose sensitive data or grant unauthorized access.
Security standards alignment
Our security controls — including data classification, AI data minimization, defense-in-depth enforcement, and audit logging — are informed by industry standards and common security frameworks. We have not completed formal certification audits. We will update this section as certifications are obtained.
Limitations
No security system provides absolute protection. We cannot guarantee that data transmitted over the internet or stored in our systems will never be subject to unauthorized access. If you become aware of a security concern, contact us immediately at hello@civisagent.com.
6. Data Retention
We retain case information and account data for as long as a firm's account is active. When a firm's account is closed or suspended, we retain data for a period sufficient to comply with any applicable legal obligations and to resolve any outstanding disputes, after which it is deleted.
We will update this section with specific retention periods as our data retention policy is formalized.
7. Immigration Applicant Data
If you are a law firm using Civis Agent, you are responsible for ensuring that your use of the platform complies with your professional obligations regarding client confidentiality and data protection. Civis Agent processes client information under your direction as a service provider.
Immigration applicants whose information is entered into Civis Agent by their attorney or paralegal have rights with respect to their personal information under applicable law. Law firms using Civis Agent are responsible for informing their clients about how their information is handled and for fulfilling any requests from clients regarding their data.
8. Your Rights
If you are a law firm user of Civis Agent, you may:
- Request access to the information we hold about you and your firm
- Request correction of inaccurate information
- Request deletion of your account and associated data
- Contact us with questions about how your information is handled
To exercise any of these rights, contact us at hello@civisagent.com. We will respond to all requests within a reasonable timeframe.
9. Children's Privacy
Civis Agent is a professional tool for law firms. It is not directed at children under 13 and we do not knowingly collect information from children. If you believe a child under 13 has provided information through our service, contact us at hello@civisagent.com and we will take appropriate steps to remove that information.
10. Changes to This Policy
We will update this policy as our practices evolve and as a legal entity is established. When we make material changes, we will update the effective date at the top of this document. We will notify active users of significant changes by email. Continued use of Civis Agent after notification of a material change constitutes acceptance of the updated policy.
11. Contact
For privacy questions, data requests, security concerns, or questions about this policy, contact us at:
This Privacy Policy is a working draft pending legal review. It should not be treated as a final legal document until reviewed and approved by a qualified attorney.