SoloMatter

Privacy Policy

Last updated: February 24, 2026

SoloMatter ("we," "us," or "our") operates the SoloMatter practice management platform. This Privacy Policy explains how we collect, use, store, and protect information when you use our service.

1. Information We Collect

We collect the following categories of information:

  • Account information — name, email address, and role when you create an account or are invited by your firm.
  • Matter and case data — client names, matter details, tasks, notes, and other practice data entered by your firm.
  • Documents — files uploaded through the platform, which are stored in your firm's connected Google Drive account.
  • Time and billing data — time entries, invoices, and payment records.
  • Usage metadata — pages visited, features used, and general interaction patterns to improve the service.
  • Communications — messages sent through the AI assistant feature, which may be stored to provide conversation continuity.

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the SoloMatter platform.
  • Process billing and payments through your firm's connected Square account.
  • Send transactional emails (invoice notifications, intake form reminders, task assignments).
  • Improve service quality and develop new features.
  • Respond to support requests.
  • Comply with legal obligations.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Data Storage

Practice data (matters, tasks, time entries, invoices, user profiles) is stored in a self-hosted PostgreSQL database. We maintain direct control over the database infrastructure, and data is not stored on third-party database-as-a-service platforms.

Documents are stored in your firm's own Google Drive account via the Google Drive API. SoloMatter does not store copies of your documents on our servers.

4. Google Drive Integration

When your firm connects Google Drive, SoloMatter requests access to create and manage folders and files within a designated SoloMatter directory in your Google Drive. We access only the files and folders created by SoloMatter — we do not scan, read, or access other files in your Drive.

SoloMatter's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Third-Party Services

We integrate with the following third-party services:

  • Google (Drive, Gmail, Calendar) — document storage, email sending, and calendar synchronization. Governed by Google's Privacy Policy.
  • Square — payment processing and invoicing. Governed by Square's Privacy Policy.
  • Anthropic (Claude AI) — AI-assisted practice features. Queries sent to the AI include only the context necessary to respond and are subject to Anthropic's Privacy Policy.

6. Analytics and Cookies

SoloMatter uses Umami, a privacy-focused analytics tool that does not use cookies and does not collect personally identifiable information. Umami is compliant with GDPR, CCPA, and PECR.

We use essential cookies only for authentication session management. These cookies are required for the platform to function and cannot be disabled.

7. Data Retention

We retain your data for as long as your firm's account is active. When a firm terminates its account, we will delete all associated data within 30 days, except where retention is required by law.

Individual client records can be deleted upon request by the firm administrator at any time.

8. Security

We implement technical and organizational measures to protect your data, including encryption in transit (TLS), role-based access controls, row-level security in the database, and comprehensive audit logging. For full details, see our Security & Compliance page.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that we correct inaccurate information.
  • Deletion — request that we delete your personal data.
  • Portability — request your data in a structured, machine-readable format.
  • Objection — object to certain processing of your data.

These rights apply under regulations including the GDPR (EU), CCPA (California), and similar state and international privacy laws.

10. Data Deletion Requests

To request deletion of your data, contact us at [email protected]. We will acknowledge your request within 5 business days and complete deletion within 30 days, unless legal obligations require us to retain certain records.

Firm administrators can also delete individual client records and matter data directly through the platform's settings.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify active users via email and update the "Last updated" date at the top of this page.

12. Contact

If you have questions about this Privacy Policy or our data practices, contact us at [email protected].