Ares Legal

Medical Summaries

Chronologies, record review, and billing analysis

Demand Letters

Generate demands built from your case evidence

Drafting

Mediation briefs, LORs, and motions

Depositions

Transcript digests, key quotations, and cross-examination prep

Discovery

Propound and respond to interrogatories and requests for production

Assistant

Ask your case file anything and get verifiable, cited answers

Personal Injury

AI built for PI case workflows

Workers' Compensation

Consolidate years of treatment records

Medical Malpractice

Surface deviations from standard of care

Nursing Home Litigation

Establish patterns of neglect and breach of duty

Expert Witnesses

Record review in minutes, not days

Security

Privacy, encryption, and compliance

Blog

Latest insights and updates

Privacy Policy

Last updated: March 16, 2026

Ares Legal, LLC (“Ares,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our AI-powered litigation support platform (the “Service”).

We understand the heightened sensitivity of legal data, including attorney-client privileged materials, work product, and Protected Health Information (“PHI”). This policy reflects our commitment to handling such data with the care it demands.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, law firm name, phone number, and billing information. This information is necessary to provide and administer the Service.

Customer Content

You may upload documents, medical records, case files, and other materials to the Service (“Customer Content”). This may include Protected Health Information subject to HIPAA, as well as attorney-client privileged materials and work product. We process Customer Content solely to provide the Service to you.

Usage Data

We automatically collect information about how you interact with the Service, including features used, pages visited, actions taken, timestamps, browser type, device information, and IP address. This data helps us improve the Service and diagnose technical issues.

Communications

When you contact us for support or other purposes, we collect the content of those communications along with associated metadata such as time and date.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your Customer Content through our AI models to generate summaries, drafts, and other outputs
  • Administer your account, process payments, and communicate about your subscription
  • Provide customer support and respond to your requests
  • Monitor and analyze usage trends to improve functionality and user experience
  • Detect, prevent, and address fraud, security issues, and technical problems
  • Comply with legal obligations and enforce our Terms of Service

3. AI Processing and Zero Data Retention

When you use our AI-powered features, your Customer Content is processed by large language models to generate outputs such as medical summaries, demand letters, and legal drafts.

We do not use Customer Content to train, fine-tune, or improve AI models. We maintain zero-data-retention agreements with all AI infrastructure providers. Your data is processed in real time and is not stored by our AI providers after the processing request is complete.

4. HIPAA Compliance

Ares is designed to handle Protected Health Information in compliance with the Health Insurance Portability and Accountability Act (“HIPAA”). Where applicable:

  • We execute Business Associate Agreements (“BAAs”) with customers who are Covered Entities or Business Associates
  • We implement administrative, physical, and technical safeguards required by the HIPAA Security Rule
  • PHI is encrypted at rest (AES-256) and in transit (TLS 1.2+)
  • Access to PHI is restricted through role-based access controls with comprehensive audit logging
  • We maintain BAAs with all subcontractors and service providers who may access PHI

5. How We Share Your Information

We do not sell, rent, or trade your personal information or Customer Content. We may share information only in the following limited circumstances:

Service Providers (Subprocessors)

We engage the following third-party service providers to help us operate the Service. Each is contractually obligated to protect your data and may only process it on our behalf:

  • Amazon Web Services (AWS) — Cloud infrastructure and hosting
  • Stripe — Payment processing and billing
  • Google Analytics — Website and product analytics
  • PostHog — Product analytics and usage tracking
  • Meta Pixel (Facebook) — Advertising measurement and conversion tracking

We will notify customers of any material changes to our subprocessor list at least 30 days in advance.

Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request. We will notify you of such requests when legally permitted to do so.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your data.

With Your Consent

We may share information with your explicit consent for purposes not covered by this policy.

6. Data Security

We implement industry-leading security measures to protect your data:

  • Encryption: AES-256 encryption at rest and TLS 1.2+ in transit
  • Access Controls: Role-based access controls with multi-factor authentication
  • Audit Logging: Comprehensive logging of all data access and modifications
  • Infrastructure: HIPAA-compliant AWS data centers in the United States
  • Key Management: AWS Key Management Service with regular key rotation
  • SOC 2: We are actively pursuing SOC 2 Type II certification

For more details, visit our Security page.

Data Breach Notification

In the event of a data breach affecting your personal information or Customer Content, we will notify affected customers within 72 hours of becoming aware of the breach. Notification will include the nature of the breach, the types of data affected, the measures taken to address it, and recommended steps you can take to protect yourself. We will cooperate with law enforcement and regulatory bodies as required.

7. Data Retention

We retain your Customer Content for the duration of your subscription and for up to 30 days following termination to allow for data export. After this period, Customer Content is securely deleted.

Account information and usage data may be retained for up to 12 months after account termination for legitimate business purposes including compliance, dispute resolution, and fraud prevention.

You may request deletion of your data at any time by contacting us at support@ares.legal.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention obligations
  • Portability: Request a machine-readable copy of your data
  • Restriction: Request that we limit processing of your information in certain circumstances
  • Objection: Object to processing of your information for certain purposes

To exercise any of these rights, contact us at support@ares.legal. We will respond to your request within 30 days.

California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (“CCPA”) provides you with additional rights regarding your personal information:

  • Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions permitted by law
  • Right to Opt-Out of Sale: We do not sell your personal information. We have not sold personal information in the preceding 12 months
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights

To submit a CCPA request, contact us at support@ares.legal. We will verify your identity before processing your request and respond within 45 days.

9. Cookies and Tracking

We use cookies and similar technologies to operate the Service, remember your preferences, and analyze usage. Specifically:

  • Essential Cookies: Required for the Service to function, including authentication and security
  • Analytics Cookies: Help us understand how the Service is used so we can improve it (Google Analytics, PostHog)
  • Advertising Cookies: Used to measure the effectiveness of our advertising campaigns (Meta Pixel)

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us and we will promptly delete it.

12. International Data Transfers

The Service is hosted and operated in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States. By using the Service, you consent to such transfers.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before they take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Ares Legal, LLC
Email: support@ares.legal