Privacy Policy 
How Bronson collects, uses, and protects your information.
Effective date: April 1, 2026
Who we are.
Bronson is a legal technology company that provides AI and data services to law firms in connection with mass torte litigation. We operate as a Business Associate under HIPAA.
This Privacy Policy describes how Bronson AI LLC ("Bronson," "we," "us," or "our") collects, uses, discloses, and protects information in connection with our website, platform, and services.
Information We Collect
We receive and process the following categories of information:
- Case-related data — Including Protected Health Information (PHI) and personally identifiable information, received from our law firm clients in the course of providing our services.
- Contact information — Name, email address, phone number, and other information you provide when contacting us or submitting inquiries through our website.
- Usage data — IP addresses, browser type and version, operating system, referring URLs, pages visited, and other standard analytics data collected automatically when you visit our website.
- Cookies and tracking technologies — We use Google Tag Manager and Google Analytics on our website. These services use cookies and similar technologies to collect usage data such as pages visited, session duration, approximate geographic location, device and browser type, and referral source. This data is processed by Google in accordance with Google's Privacy Policy. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on, or by adjusting cookie preferences in your browser settings.
How we use your information.
We use the information we collect for the following purposes:
- Delivering and improving our AI and data services to law firm clients
- Complying with legal, regulatory, and contractual obligations
- Responding to inquiries and communicating with clients and prospective clients
- Maintaining the security and integrity of our systems
- Analyzing website usage to improve the user experience
How We Share Information
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We may disclose information in the following circumstances:
- Law firm clients — Case-related data is shared with our law firm clients as part of service delivery, in accordance with our agreements.
- Service providers — We engage third-party vendors who process data on our behalf, bound by contractual data protection obligations.
- Legal requirements — We may disclose information as required by law, regulation, subpoena, or legal process.
How we protect your data.
We maintain administrative, technical, and physical safeguards to protect the confidentiality, integrity, and availability of information we process. These include:
- Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
- Role-based access controls and multi-factor authentication
- Continuous security monitoring and incident response procedures
- Regular security assessments and vulnerability scanning
For more details on our security practices, visit our Security page.
HIPAA
Protected Health Information (PHI) we receive as a Business Associate is used and disclosed only as permitted by our Business Associate Agreements and applicable law. We implement safeguards consistent with the HIPAA Security Rule and Privacy Rule.
Individual rights requests regarding PHI (such as access, amendment, or accounting of disclosures) should be directed to the relevant law firm client, who is the Covered Entity responsible for responding to such requests under HIPAA.
Data Retention
We retain information for as long as necessary to fulfill our service obligations and comply with legal, regulatory, and contractual requirements. When information is no longer needed, we securely delete or de-identify it in accordance with our data retention policies.
Privacy rights and choices.
Depending on your location, you may have certain rights regarding your personal information under applicable privacy laws.
Rights Under California Law (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (as amended by the California Privacy Rights Act) provides you with the following rights:
- Right to Know — You may request the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collection, and the categories of third parties with whom we share it.
- Right to Delete — You may request that we delete the personal information we have collected about you, subject to certain exceptions.
- Right to Correct — You may request that we correct inaccurate personal information we maintain about you.
- Right to Opt Out of Sale or Sharing — We do not sell your personal information or share it for cross-context behavioral advertising.
- Right to Non-Discrimination — We will not discriminate against you for exercising any of your privacy rights.
General Privacy Rights
Regardless of your location, you may:
- Request access to the personal information we hold about you
- Request correction of inaccurate or incomplete information
- Request deletion of your personal information, subject to legal and contractual obligations
- Opt out of non-essential cookies through your browser settings
To exercise any of these rights, please contact us at security@bronsonai.com. We will respond to verifiable requests within the timeframes required by applicable law (generally within 45 days for CCPA requests). We may need to verify your identity before processing your request.
Questions or concerns.
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the effective date at the top of this page and post the revised policy on our website.
For privacy or security questions, to exercise your privacy rights, or to raise a concern about how we handle your information, please contact us:
Bronson AI LLC
Email: security@bronsonai.com