Effective Date: December 4, 2025

Ravenly, under PrizmAI LLC (“we,” “us,” or “our”) operates a lead engagement and tracking platform designed for small law firms (the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect information through our mobile application and web platform.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use our Service.

1. Information We Collect

1.1 Information from Law Firm Users (Our Customers)

When you create an account and use our Service, we collect:

  • Account Information: Name, email address, firm name, and password
  • Payment Information: Billing address and payment card details (processed by our payment processor)
  • Device Information: Device identifiers, IP addresses, browser type, and operating system
  • Usage Data: How you interact with our Service, features used, and performance data
  • Integration Data: Information from third-party services you connect to our platform
  • Authentication Data: Login credentials and multi-factor authentication information. If you enable biometric login (Face ID or Touch ID), authentication occurs on your device; we do not receive or store your biometric data.

1.2 Information About Leads (Your Potential Clients)

Our Service enables you to manage information about your leads. This information is provided by you or collected through tools we provide (such as lead capture forms). Lead data may include:

  • Contact information (name, phone number, email address)
  • Source and referral information
  • Communication history (calls, texts, emails logged through the platform)
  • Case type or legal matter information
  • Notes and other information you add
  • Form submission data from lead capture forms

Important: You are responsible for ensuring you have obtained appropriate consent from your leads before collecting and processing their personal information through our Service.

2. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process transactions and send related information
  • Send push notifications, emails, and other communications you have opted into
  • Facilitate SMS and voice communications to leads on your behalf (with proper consent)
  • Analyze usage patterns to improve functionality and user experience
  • Respond to your requests and provide customer support
  • Comply with legal obligations and protect our rights

3. AI-Assisted Features

Our Service uses artificial intelligence to provide lead scoring functionality. Only non-identifiable, aggregated data is sent to our AI service providers for processing. No personally identifiable information about you or your leads is shared with the AI service. Data retention with the AI provider is disabled, meaning data is processed in real-time and not stored by the AI provider.

4. Third-Party Service Providers

We share information with the following categories of service providers who assist us in operating our Service:

  • Cloud Infrastructure: Amazon Web Services (AWS) hosts our platform and stores data
  • Communications: Twilio powers SMS and voice functionality
  • Call Tracking: CallRail provides call integration services

These service providers are contractually obligated to protect your information and may only use it to perform services on our behalf. They are prohibited from using your information for their own purposes.

5. Communications and Consent

5.1 Communications to Law Firm Users

We may send you push notifications, emails, and other communications related to your account and our Service. You may opt into or out of these communications through your account settings.

5.2 Communications to Leads

Our platform enables you to send SMS messages and make voice calls to your leads. Before using these features, you must explicitly opt in. Additionally, our platform requires that you obtain and document consent from each lead before contacting them. We provide consent capture tools to help you comply with applicable laws, including the Telephone Consumer Protection Act (TCPA) in the United States and Canada’s Anti-Spam Legislation (CASL).

You are solely responsible for obtaining valid consent from your leads and maintaining records of such consent. Failure to obtain proper consent may violate federal and state laws and could result in significant penalties.

6. Data Storage and Cross-Border Transfers

Our Service is hosted on servers located in the United States. If you are accessing our Service from outside the United States, including from Canada, please be aware that your information will be transferred to, stored, and processed in the United States. By using our Service, you consent to this transfer.

Data stored in the United States may be subject to lawful access requests by U.S. government authorities under applicable laws.

Our Service is intended for users in the United States and Canada. We do not intentionally market or provide our Service to individuals in the European Economic Area, United Kingdom, or Switzerland.

7. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of data at rest
  • Role-based access controls
  • Multi-factor authentication (available for all accounts)
  • Regular security audits and penetration testing

While we strive to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide you with our Service. If you close your account, we will delete your data, including all associated lead information, within 14 days. We may retain certain information as required by law or for legitimate business purposes, such as resolving disputes or enforcing our agreements.

9. Your Rights and Choices

9.1 Law Firm Users

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Export: Export your data in a portable format
  • Correction: Request correction of inaccurate information
  • Deletion: Delete your account and all associated data through your account settings
  • Withdraw Consent: Opt out of optional data processing or communications

9.2 Leads

If you are a lead whose information is stored in our Service, please contact the law firm that collected your information to exercise your privacy rights. The law firm is the controller of your data; we process it on their behalf as a service provider.

9.3 Data Deletion Requests

You may request deletion of your data by logging into your account and using the account deletion feature, or by contacting us at legal@ravenly.com

10. Cookies and Similar Technologies

Our web platform uses cookies and similar technologies to:

  • Session Cookies: Keep you logged in during your session (essential)
  • Persistent Cookies: Remember your preferences and settings

We do not use cookies for advertising or tracking purposes. You can control cookies through your browser settings, but disabling cookies may affect your ability to use certain features of our Service.

11. Children’s Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at legal@ravenly.com.

12. Do Not Sell or Share

We do not sell your personal information. We do not share your personal information with third parties for their direct marketing purposes or for cross-context behavioral advertising.

13. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, our business purposes for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

Categories of Personal Information Collected: In the preceding 12 months, we have collected the following categories of personal information:

  • Identifiers (name, email address, IP address, device identifiers)
  • Commercial information (billing information, transaction history)
  • Internet or network activity (usage data, interactions with our Service)
  • Professional information (law firm name, role)

To exercise these rights, contact us at legal@ravenly.com. We will respond within 45 days.

14. Canadian Privacy Rights (PIPEDA)

If you are a Canadian resident, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws:

  • Access: You may request access to your personal information held by us.
  • Correction: You may request correction of your personal information.
  • Withdraw Consent: You may withdraw consent to certain processing activities, subject to legal or contractual restrictions.
  • File a Complaint: You may file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.

Accountability: PrizmAI LLC is responsible for personal information in our possession or custody, including information transferred to third parties for processing. Our designated privacy contact is available at legal@ravenly.com.

Cross-Border Notice: Your personal information is stored and processed in the United States. It may be accessible to law enforcement and national security authorities in the United States under applicable laws.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through an in-app notification before the changes take effect. Your continued use of our Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

16. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

PrizmAI LLC

Email: legal@ravenly.com

For privacy-related complaints or concerns, we will investigate and respond within 30 days.