Your data, handled with intent.
CadexLaw DMCA processes personally identifiable information so that you can generate compliant notices. This policy explains what we collect, how we use it, and the choices available to you. It should be read alongside the Terms of Service and DMCA Policy.
Personal data we collect
CadexLaw processes information that you or your collaborators submit while using the product.
- Account data from checkout providers (name, email, billing country) to validate licenses.
- Notice content: names, addresses, phone numbers, URLs, statements, and signatures you include in DMCA workflows, plus any uploads you attach for your own reference.
- Technical and usage data (logs, timestamps, error reports) required to secure the service and troubleshoot issues.
How and why we use data
We handle personal data to provide the service, comply with law, and improve the product.
- Generate draft notices and templates you request, and keep short-term revision history.
- Validate that required DMCA elements are present before you submit or export a notice.
- Send transactional emails (license delivery, notice copies, security alerts) and measure deliverability where applicable.
- Meet recordkeeping or legal obligations, such as responding to valid law enforcement requests.
Lawful bases & consent
For GDPR purposes we rely on contractual necessity (providing the software), legitimate interests (preventing abuse, improving reliability), and explicit consent where required.
- You affirm that you have authority to provide any personal data contained in a notice.
- You may withdraw consent for optional communications at any time via unsubscribe links or by contacting support.
- If you act on behalf of someone else, you confirm you have their permission and will honor their privacy choices.
Retention & deletion
Because DMCA content is sensitive, we minimize how long it remains accessible.
- Draft notices stored in-app are purged after 60 days of inactivity unless you export them.
- Support tickets and audit logs are retained for up to 24 months to comply with operational and legal obligations.
- You can request expedited deletion or data exports by emailing privacy@cadexlaw.com.
Sharing & processors
We share data only with vendors essential to delivering CadexLaw.
- Checkout and licensing: Whop (or successor marketplace) to manage purchases and entitlement.
- Email delivery: providers such as Resend or SendGrid for authenticated notices. We maintain SPF/DKIM/DMARC to meet 2024 Gmail/Yahoo guidelines.
- Cloud hosting and logging: reputable infrastructure providers located in the United States. Processor agreements require confidentiality and security safeguards.
International transfers & rights
CadexLaw is operated from the United States, but we honor global privacy rights.
- When data moves outside your jurisdiction, we rely on standard contractual clauses or equivalent safeguards.
- EU/UK users have the right to access, correct, port, restrict, or object to processing. California residents may request disclosures, deletion, or opt out of data “sales” (we do not sell data).
- Submit requests at privacy@cadexlaw.com and we will respond within 30 days where legally required.
Security expectations
We guard against unauthorized access and educate users on safe handling.
- Data is encrypted in transit (TLS 1.2+) and at rest. Access is role-based and logged.
- We monitor for abuse, rate limit automated actions, and investigate security incidents. You must safeguard your account credentials.
- If we experience a breach affecting your data, we will notify you and regulators when required by law.
Children & marketing
CadexLaw is built for professionals and creators, not for minors or mass marketing.
- We do not knowingly collect information from anyone under 16. If you believe a minor has provided data, contact us for removal.
- Marketing communications are limited to product updates and compliance alerts. We avoid “guaranteed results” messaging to stay within FTC and state UDAP guardrails.
- You can opt out of marketing email at any time without affecting transactional notices.