Legal

Privacy Policy

Last Updated: April 2025 Effective Date: April 1, 2025 Version: 1.0

Proxiant, Inc. ("Proxiant," "we," "us," or "our") is committed to protecting the privacy of the individuals and businesses who use our platform. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the choices you have regarding your information.

This Privacy Policy applies to all Proxiant products and services, including the Proxiant web application, mobile application, API, The Hive marketplace, and client portal (collectively, the "Platform"). By using the Platform, you agree to the practices described in this Policy.

Note for business customers: If you are a business customer (a "Firm") using Proxiant to process personal data on behalf of your clients or to manage job data involving individuals, our Data Processing Agreement (DPA) governs our data processing responsibilities as a processor under applicable data protection law.

1. Information We Collect

1.1 Account Information

When you register for a Proxiant account, we collect information necessary to create and manage your account, including:

  • Name and email address
  • Firm or business name
  • Phone number (optional)
  • Password (stored as a salted, hashed value — we never store plaintext passwords)
  • Billing information, including payment method details (processed and stored by Stripe, Inc.; Proxiant does not store full payment card numbers)
  • Business address and state(s) of operation
  • Profile photo (if uploaded)

1.2 Job Data

The core function of Proxiant is job management for process serving. As a result, the Platform handles sensitive information related to legal matters, including:

  • Recipient names, addresses, physical descriptions, and contact information
  • Case numbers, court names, case types, and attorney information
  • Attempt records including date, time, location, and outcome
  • GPS coordinates and location data captured at each service attempt
  • Photographs taken during service attempts
  • Affidavits and Proofs of Service generated through the Platform
  • Documents uploaded to or generated for a job (summonses, complaints, etc.)
  • Notes and communications related to a job

This job data belongs to the Firm that submitted it. Proxiant processes this data on behalf of Firms as described in the DPA.

1.3 Usage Data

We automatically collect certain information about how you use the Platform, including:

  • Login timestamps and session duration
  • Features accessed and actions performed
  • API calls made (endpoint, timestamp, response code)
  • Search queries within the Platform
  • Error events and platform performance data
  • IP address and general geographic region
  • Referral URL and browser type

1.4 Device and Mobile Data

When you use the Proxiant mobile application, we may collect:

  • GPS location data: The mobile app captures GPS coordinates at each service attempt record you create, as this is a core feature for documenting service location. Location capture occurs when you actively record an attempt and is not run continuously in the background without your action. You may disable location permissions in your device settings, but doing so will prevent GPS capture from functioning.
  • Device type, operating system version, and device identifier
  • Push notification token (if you enable push notifications)
  • App version and crash report data

1.5 Communications

If you use Proxiant's inbound email intake feature, emails sent to your Proxiant-assigned intake address are parsed by our platform to extract job information. We process the subject line, body, and attachments of such emails to populate job records. You should inform your clients that emails sent to the intake address will be processed by Proxiant. We do not access email accounts that are not part of the intake system.

If you contact Proxiant support, we retain records of those communications, including your name, email, and message content, for support and quality assurance purposes.

2. How We Use Information

2.1 Providing and Operating the Service

We use the information we collect primarily to provide, maintain, and improve the Platform, including:

  • Creating and managing your account
  • Processing and displaying job records and attempt data
  • Generating Affidavits and Proofs of Service
  • Operating The Hive marketplace
  • Providing the client portal to your authorized clients
  • Delivering email notifications and status updates
  • Responding to support requests

2.2 AI-Assisted Processing (Anthropic / Claude)

Proxiant uses artificial intelligence to assist with document processing features, including email intake parsing and document data extraction. These AI features are powered by Anthropic, PBC and their Claude AI models.

When you use AI-assisted features, relevant content — such as the text of an inbound email, portions of an uploaded document, or structured job data — may be sent to Anthropic's API for processing. This content is used solely to generate extracted results for your account and is subject to Anthropic's API terms and data policies. We do not use your data to train or fine-tune AI models.

You can opt out of AI-assisted features by disabling them in your account settings. Disabling AI features will limit certain automation capabilities but will not affect core job management functionality.

2.3 Billing and Payments

We use your billing information to process Subscription payments, manage billing cycles, send invoices and payment receipts, and handle billing disputes. Payment transactions are processed by Stripe, Inc. under Stripe's Privacy Policy. We retain billing records (amounts, dates, plan) as required for accounting and legal compliance.

2.4 Communications

We use your email address to send you:

  • Transactional emails (account confirmations, job status updates, affidavit delivery) — sent via Resend or Postmark
  • Billing notifications (payment confirmations, failed payment alerts, renewal reminders)
  • Platform announcements and updates (material changes to Terms or this Policy)
  • Product newsletters and feature announcements (only if you have opted in)

You may unsubscribe from marketing communications at any time by clicking the unsubscribe link in any marketing email. Transactional emails cannot be disabled as they are necessary to the operation of your account.

2.5 Analytics, Monitoring, and Error Tracking

We use Sentry for error monitoring and crash reporting, and Checkly for uptime monitoring. These services help us identify and fix bugs, monitor platform health, and maintain service reliability. Error reports may include device information, platform version, and the actions you were taking when an error occurred. We configure these tools to minimize the inclusion of personally identifiable information in error reports.

2.6 Security and Fraud Prevention

We use collected information to detect, investigate, and prevent fraudulent activity, unauthorized access, abuse of the Platform, and security incidents.

3. Information Sharing

3.1 We Do Not Sell Your Data

Proxiant does not sell, rent, or trade your personal information or your job data to any third party for marketing, advertising, or any other commercial purpose. We do not share your data with data brokers.

3.2 Sub-Processors

To provide the Platform, Proxiant engages the following third-party sub-processors, each of whom may process certain data as necessary to perform their function:

Service Provider Purpose Data Location
Database Hosting Supabase, Inc. Primary database (PostgreSQL), authentication, real-time data United States (primary); EU availability subject to plan
File & Document Storage Cloudflare, Inc. (R2) Storage of uploaded documents, photos, generated affidavits, and attachments United States (primary)
Payment Processing Stripe, Inc. Subscription billing, payment card processing, invoicing United States / Global
AI Processing Anthropic, PBC AI-assisted document extraction, email parsing, data entry assistance United States
Transactional Email Resend, Inc. Delivery of transactional emails (job updates, affidavit delivery, notifications) United States
Email Delivery Wildbit, LLC (Postmark) Supplemental email delivery and inbound email processing United States
Application Hosting Vercel, Inc. Hosting and delivery of the web application and serverless functions United States / Global CDN
Error Monitoring Sentry (Functional Software, Inc.) Error tracking and crash reporting for reliability and debugging United States
Uptime Monitoring Checkly, Inc. API and website uptime monitoring United States / EU

We require all sub-processors to maintain appropriate data protection standards and to process data only as necessary to perform the services for which they are engaged. An updated list of sub-processors is available upon request at privacy@proxiant.co.

3.3 Sharing Within the Platform

Certain features of the Platform involve controlled sharing of data between parties:

  • Client Portal: When a Firm shares access with a Client through the client portal, that Client can view job status, affidavits, and documents that the Firm has made available to them. Firms control what Clients can access.
  • The Hive: When a Firm posts a job to The Hive, limited job information (jurisdiction, job type, general location, service deadline) is visible to Servers who have access to The Hive. Sensitive recipient information is disclosed to a Server only after the Server has been assigned to the job by the Firm.

3.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, including subpoenas, court orders, or government requests from law enforcement agencies with appropriate jurisdiction. We will review all such requests and, where legally permitted, will notify you before disclosing your information so that you may seek appropriate legal relief.

3.5 Business Transfers

If Proxiant undergoes a merger, acquisition, sale of substantially all assets, or other business transfer, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Platform before your information is transferred and becomes subject to a different privacy policy. You will have the right to request deletion of your data if you do not consent to the transfer.

3.6 Aggregate and De-Identified Data

We may use and share aggregate or de-identified information (information that does not identify any individual) for industry analysis, product development, and other business purposes. Such data does not contain information that could reasonably be used to identify you or your clients.

4. Data Retention

4.1 Active Accounts

We retain your account information and job data for as long as your account is active and for a reasonable period thereafter as necessary to fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

4.2 After Account Termination

Following termination of your account for any reason, Proxiant will make your Content available for export for a period of thirty (30) days ("Export Window"). After the Export Window closes, Proxiant will delete your Content from production systems within ninety (90) days. Residual copies in automated backup systems will be deleted in the ordinary course of our backup rotation cycle.

4.3 Legal Holds

Notwithstanding the foregoing, Proxiant may retain certain data for longer periods as required by applicable law, regulation, legal process, or government order, or where Proxiant has a legitimate legal interest in preserving evidence in connection with a legal claim or dispute.

4.4 Affidavit Retention Recommendation

Affidavits and Proofs of Service generated through the Platform may be required for legal proceedings and should be treated as legal records. We strongly recommend that you download and independently store copies of all Affidavits and significant legal documents generated through Proxiant. While Proxiant maintains document storage as part of the Platform, we are a technology service provider, not a legal records custodian, and your document retention obligations under applicable law are your own responsibility.

4.5 Billing Records

We retain billing and transaction records for a minimum of seven (7) years as required for accounting, tax, and compliance purposes.

5. Security

5.1 Technical Safeguards

Proxiant implements technical and organizational security measures designed to protect your information against unauthorized access, disclosure, alteration, and destruction, including:

  • Encryption at rest: Data stored in our database and file storage is encrypted at rest using AES-256 encryption.
  • Encryption in transit: All data transmitted between your browser or mobile app and Proxiant servers is encrypted using TLS 1.2 or higher. We enforce HTTPS across all Platform endpoints.
  • Row-Level Security (RLS): Our database enforces row-level security policies that prevent one Firm's data from being accessible to another Firm's account at the database level.
  • Access controls: Access to production systems is limited to authorized Proxiant personnel on a need-to-know basis. We enforce multi-factor authentication for all personnel with production system access.
  • Authentication: User authentication is managed through secure session tokens. We support and recommend multi-factor authentication for all user accounts.

5.2 No Guarantee of Perfect Security

No method of transmission over the internet or method of electronic storage is 100% secure. While we take commercially reasonable steps to protect your information, we cannot guarantee absolute security. In the event of a security breach that we determine is likely to affect your personal data, we will notify you in accordance with applicable law and, for business customers, in accordance with our DPA (within 72 hours of becoming aware of the breach).

5.3 Your Security Responsibilities

You are responsible for maintaining the security of your account credentials, ensuring that all team members who access your account use strong passwords, and notifying us promptly if you suspect unauthorized access. You should not share your API Key, access credentials, or session tokens with unauthorized parties.

6. Your Rights

6.1 Access and Correction

You have the right to access the personal information Proxiant holds about you and to correct inaccuracies. Much of your account and job data can be reviewed and corrected directly within the Platform. For information you cannot update directly, please contact privacy@proxiant.co.

6.2 Data Export

You may export your job data, affidavits, and other Content from the Platform at any time using the built-in data export features in your dashboard. If you require a full account data export in a machine-readable format, contact privacy@proxiant.co and we will fulfill your request within 30 days.

6.3 Deletion

You may request deletion of your personal account information at any time by contacting privacy@proxiant.co. We will process deletion requests within 30 days subject to the retention obligations described in Section 4. Note that we may be unable to delete information we are legally required to retain, and that deletion of your account will permanently destroy your job data if it has not been exported.

6.4 California Residents — CCPA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information:

  • Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we have shared it.
  • Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Opt-Out of Sale: Proxiant does not sell personal information. If our practices change, we will update this Policy and provide an opt-out mechanism.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, submit a request to privacy@proxiant.co. We will verify your identity before processing your request. You may also designate an authorized agent to submit a request on your behalf.

6.5 GDPR Rights (EEA/UK Residents)

If you are located in the European Economic Area or United Kingdom, you may have additional rights under the General Data Protection Regulation (GDPR), including the right to restrict processing, the right to object to processing, and the right to data portability. Please contact privacy@proxiant.co to exercise these rights. Our DPA governs the processing of personal data for business customers subject to GDPR.

6.6 Response Timeframe

We will respond to verified privacy rights requests within 45 days. If we require additional time (up to an additional 45 days), we will notify you of the extension and the reason for it within the initial 45-day period.

7. Cookies and Tracking

7.1 Session Cookies

Proxiant uses session cookies and similar technologies (local storage tokens) to authenticate your login session, maintain your preferences within the Platform, and keep you logged in between page loads. These are strictly necessary for the Platform to function and cannot be disabled without impairing your ability to use the Platform.

7.2 No Third-Party Advertising Trackers

Proxiant does not use third-party advertising networks, behavioral advertising cookies, or tracking pixels from advertising platforms (such as Meta Pixel, Google Ads remarketing tags, or similar) on the Platform. We do not build advertising profiles based on your use of Proxiant.

7.3 Analytics

We may use basic, aggregated analytics to understand how users navigate the Platform (e.g., which features are most used, where users encounter friction). Any such analytics are aggregated and do not identify individual users. We do not use Google Analytics or similar third-party behavioral tracking services inside the authenticated application.

7.4 Managing Cookies

You can configure your browser to refuse cookies or alert you when cookies are being sent. However, if you disable the session authentication cookies used by Proxiant, you will not be able to log in to the Platform.

8. Children's Privacy

The Platform is intended for use by businesses and adult professionals. Proxiant does not knowingly collect or solicit personal information from individuals under the age of 18. If you become aware that a minor has provided personal information to Proxiant without parental consent, please contact us at privacy@proxiant.co and we will take steps to delete that information.

9. Changes to This Policy

9.1 Notice of Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will provide at least thirty (30) days' advance notice of material changes via email to the address on file for your account and/or by posting a prominent notice in the Platform.

9.2 Continued Use

Your continued use of the Platform after the effective date of any changes constitutes your acceptance of the revised Policy. If you do not agree to the revised Policy, you must stop using the Platform and may request deletion of your account as described in Section 6.3.

10. Contact

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at:

  • Email: privacy@proxiant.co
  • General contact: hello@proxiant.co
  • Website: proxiant.co/contact

For data subject requests under CCPA, GDPR, or other applicable privacy law, please send your request to privacy@proxiant.co with the subject line "Privacy Rights Request" and include your name, email address, and a description of your request.

This Privacy Policy applies to the Proxiant Platform as described above. It does not apply to third-party websites or services that Proxiant may link to. Proxiant is not responsible for the privacy practices of third parties, and we encourage you to review the privacy policies of any third-party services you access through or in connection with Proxiant.