Privacy Policy

Last updated: February 2025

1. Introduction

Legally First ("we", "us", or "our") is by Silvester Legal. This Privacy Policy explains how we collect, use, and protect information when you use our website and services, including the AI-powered Contract Checker tool.

We are committed to complying with Singapore's Personal Data Protection Act 2012 ("PDPA") and protecting your privacy. This policy applies to all visitors and users of our website.

2. What Data We Collect

Contact Form Submissions

When you submit our contact form, we collect your name, email address, company name (optional), service interest, and message. This information is sent directly to our team via email using the Resend email service. We do not store contact form submissions in any database. The data exists only in the resulting email delivered to our team.

Contract Checker Uploads

When you use our Contract Checker tool, your uploaded document is processed entirely in memory on our server. The document text is sent to the Anthropic Claude API for analysis and is then immediately discarded. We do not store, save, or retain any uploaded documents or their contents. No copy of your document is kept after the analysis is complete.

Usage Data

We use a client-side counter stored in your browser's local storage to track the number of Contract Checker analyses you perform per day (for rate limiting purposes only). This counter stores only the date and a count number — no personal information.

Analytics

We use Vercel Speed Insights to monitor website performance. This collects anonymous, aggregated performance metrics (such as page load times) and does not track individual users or collect personal data.

3. What We Do Not Collect

We want to be clear about what we do not do:

  • We do not have a database. No personal data is stored on our servers.
  • We do not create user accounts or require registration.
  • We do not use cookies for tracking or advertising purposes.
  • We do not sell, rent, or share your personal data with third parties for marketing.
  • We do not retain uploaded contract documents after analysis is complete.
  • We do not track your browsing behaviour across other websites.

4. How We Use Your Data

We use the information we collect only for the following purposes:

  • Contact form data: To respond to your enquiry and communicate with you about our services.
  • Contract uploads: To provide you with an AI-generated preliminary analysis of your document, processed in real time and not retained.
  • Rate limiting data: To manage fair usage of our free Contract Checker tool.
  • Performance metrics: To improve website speed and reliability.

5. Third-Party Services

We use the following third-party services to operate our website:

Anthropic (Claude API)

Processes document text for the Contract Checker analysis. Document content is sent to Anthropic's API for processing and is subject to Anthropic's Privacy Policy. Anthropic does not use API inputs to train its models.

Resend

Delivers contact form submissions to our team via email. Subject to Resend's Privacy Policy.

Vercel

Hosts our website and provides anonymous performance analytics. Subject to Vercel's Privacy Policy.

Chatbase (Optional)

Powers our AI chat widget, if enabled. Any messages you send through the chat widget are processed by Chatbase. Subject to Chatbase's Privacy Policy.

6. Data Retention

  • Contract uploads: Not retained. Documents are processed in memory and discarded immediately after analysis.
  • Contact form data: Retained only in the email delivered to our team inbox, subject to our standard email retention practices.
  • Rate limiting data: Stored locally in your browser and automatically resets daily. You can clear it at any time by clearing your browser's local storage.

7. Data Security

We implement appropriate security measures to protect your information:

  • All data is transmitted over HTTPS (encrypted in transit).
  • API keys and credentials are stored securely as environment variables, never in client-side code.
  • Security headers (HSTS, X-Frame-Options, X-Content-Type-Options) are enforced on all pages.
  • Server-side rate limiting protects against abuse of our API endpoints.
  • User inputs are sanitised before processing to prevent injection attacks.

8. Your Rights Under the PDPA

Under Singapore's Personal Data Protection Act, you have the right to:

  • Access: Request information about what personal data we hold about you.
  • Correction: Request correction of any inaccurate personal data.
  • Withdrawal of consent: Withdraw your consent for us to use your personal data.

As we do not maintain a database of personal data, most of these rights are satisfied by design. If you have submitted a contact form and wish to exercise your rights regarding that data, please contact us at info@legallyfirst.com.

9. Children's Privacy

Our services are intended for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

11. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Legally First

Email: info@legallyfirst.com

By Silvester Legal

Have questions?

If you have any concerns about your privacy, please get in touch.

Contact Us