Sub-processor List
LawyerDesk Advocacy Pvt Ltd
Last Updated: January 11, 2025
Version: 1.0
1. Introduction
What are Sub-processors?
Sub-processors are third-party service providers that LawyerDesk Advocacy Pvt Ltd ("LawyerDesk," "we," "us," or "our") engages to process personal data on our behalf in connection with providing our legal AI services platform, website, and related services (collectively, the "Services").
Our Commitment
LawyerDesk is committed to:
- Transparency in disclosing all sub-processors we use
- Ensuring sub-processors comply with applicable data protection laws including GDPR, CCPA, and India's Digital Personal Data Protection Act, 2023
- Implementing appropriate contractual safeguards with all sub-processors
- Conducting due diligence on sub-processor security and privacy practices
- Providing notice of changes to our sub-processor list
2. Current Sub-processors
The following table lists all third-party sub-processors currently engaged by LawyerDesk:
| Service Provider | Purpose/Service Category | Data Location | Date Added |
|---|---|---|---|
| Amazon Web Services (AWS) | Cloud Infrastructure & Hosting | US, EU (Ireland), India | Jan 2025 |
| Google Cloud Platform (GCP) | Cloud Infrastructure & AI/ML Services | US, EU (Belgium), India | Jan 2025 |
| Microsoft Azure | Cloud Infrastructure & AI Services | US, EU (Netherlands), India | Jan 2025 |
| Auth0 (Okta) | Authentication & Identity Management | US, EU (Ireland) | Jan 2025 |
| Stripe | Payment Processing | US, EU (Ireland) | Jan 2025 |
| Razorpay | Payment Processing (India) | India | Jan 2025 |
| SendGrid (Twilio) | Email Delivery Services | United States | Jan 2025 |
| Intercom | Customer Support & Communication | US, EU (Ireland) | Jan 2025 |
| OpenAI | AI/ML Model Services | United States | Jan 2025 |
| Anthropic | AI/ML Model Services | United States | Jan 2025 |
| Cloudflare | Content Delivery & Security | Global CDN | Jan 2025 |
* For a complete list of all sub-processors and detailed processing activities, please see the full table in our documentation.
3. Sub-processor Categories
Cloud Infrastructure Providers
Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure
These providers host our application infrastructure, databases, and storage systems.
Security Measures: All data is encrypted at rest and in transit. We utilize private network configurations, access controls, and regular security audits.
Authentication & Identity Services
Auth0 (Okta)
Handles user authentication, session management, and identity verification.
Security Measures: Industry-standard encryption, OAuth 2.0, OpenID Connect, SOC 2 Type II certified.
Payment Processing
Stripe, Razorpay
Process payment transactions and manage subscriptions.
Security Measures: PCI DSS Level 1 compliant, tokenization, encryption, fraud detection.
AI/ML Model Providers
OpenAI, Anthropic, Hugging Face
Power our AI-driven legal analysis features.
Security Measures: End-to-end encryption, data processing agreements, no model training on customer data (where applicable), data retention controls.
4. Data Transfer Mechanisms
International Data Transfers
Where sub-processors are located outside India or the European Economic Area (EEA), we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs): We use EU-approved SCCs for transfers to non-EU countries
- Adequacy Decisions: We rely on adequacy decisions where available
- Data Processing Addendums: All sub-processors sign comprehensive DPAs
- Privacy Shield Successor: We monitor and adopt new frameworks as they emerge
Data Residency Options
For enterprise customers requiring specific data residency:
- India-only data processing options available
- EU-only data processing options available
- Custom deployment configurations upon request
5. Sub-processor Change Policy
Notification Process
LawyerDesk will provide notice of any changes to our sub-processor list:
- General Notification: Updates to this page will be made at least 30 days before any new sub-processor processes customer data
- Email Notification: Customers will receive email notification of material changes to sub-processors
- Change Log: All changes are documented in the version history
- Objection Period: Customers have 30 days to object to new sub-processors
Right to Object
If you object to a new sub-processor:
- Submit objection in writing to privacy (at) lawyerdesk.ai within 30 days
- Include reasonable grounds for your objection
- We will work with you to find an alternative solution
- If no resolution is possible, you may terminate your agreement without penalty
6. Sub-processor Compliance
All sub-processors are required to:
7. Contact Information
Questions About Sub-processors
For questions regarding our sub-processors or data processing practices:
Email: privacy (at) lawyerdesk.ai
Subject Line: Sub-processor Inquiry
Response Time: We aim to respond to all inquiries within 5 business days.
8. Version History
| Version | Date | Changes |
|---|---|---|
| 1.0 | January 11, 2025 | Initial publication of Sub-processor List |
Note: This Sub-processor List is maintained as part of our commitment to transparency and compliance with data protection regulations. We encourage customers to bookmark this page and check periodically for updates.
Last Reviewed: January 11, 2025
Next Review: July 11, 2025
This document is provided for informational purposes and is subject to our Terms of Service. LawyerDesk Advocacy Pvt Ltd reserves the right to modify this Sub-processor List in accordance with the change policy outlined above.
We're leading a new era in legal progress, using advanced AI to deliver legal assistance that's accessible, efficient, and precise.