Legal
Privacy Policy
Last updated 13 June 2026
This policy explains what data toquorum — operated by Lightning Leap Analytics Pvt Ltd — collects, why, who it is shared with, and the choices you have. It applies to users in the United States, India, and elsewhere.
01
What we collect
- Account data — name, email, password hash, role, and your profile preferences.
- Project content — the projects, decisions, terms, remarks, custom fields, and documents you create or upload, including the names and email addresses of the parties you invite.
- Signing data — a record that a party reviewed and signed, with timestamps, used to build the signed PDF deed and audit trail.
- Usage & technical data — log data, IP address, and basic device information needed to run and secure the service.
- Billing data — when paid plans are active, payment is handled by our payments provider; we receive transaction status, not your full card details.
When you enter another person’s details (a party to a project), you confirm you have a lawful basis to provide them to us for this purpose.
02
How we use it
To provide and secure the service: create and run your projects, deliver invite and signing links, generate and store signed deeds, send transactional notifications, prevent abuse, and meet our legal obligations. We do not sell your data, and we do not use your project content to train AI models.
03
Who we share it with
We share data only as needed to run toquorum:
- Parties to a project see the project content shared with them — that is the point of the product.
- AI providers (e.g. Groq, Google, OpenAI) — only the content you submit to an AI feature is sent to the provider to generate a response.
- Infrastructure providers — hosting, database, object storage, and email delivery vendors that operate the service on our behalf.
- Payments provider (Dodo Payments, as merchant of record) when you make a purchase.
- Authorities where required by law, or to protect rights and safety.
04
Storage & security
Data is stored in a managed database and object storage and is transmitted over encrypted (HTTPS) connections. We restrict internal access and design the platform so that a platform administrator manages accounts and billing without project content being surfaced in those tools. No method of storage or transmission is perfectly secure; we cannot guarantee absolute security.
05
Retention
We keep your data while your account is active and as needed to provide the service. Signed deeds and their audit records may be retained as long as the project exists so the record remains verifiable. You can ask us to delete your account and associated data, subject to records we must keep for legal or accounting reasons.
06
Your rights
Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing — for example under India’s Digital Personal Data Protection Act, 2023 and applicable U.S. state privacy laws. To exercise these, email billing@toquorum.com. We will verify your request and respond within the time the law requires.
07
International transfers
We operate across borders, including the United States and India, and our providers may process data in other countries. Where we transfer personal data internationally, we do so using appropriate safeguards as required by applicable law.
08
Cookies & sessions
We use strictly necessary cookies to keep you signed in and to secure the service. We do not use advertising cookies.
09
Children
toquorum is not intended for, and may not be used by, anyone under 18. We do not knowingly collect data from children.
10
Changes & contact
We may update this policy; the “last updated” date above will change and material changes will be notified in-app or by email.
For any privacy question or grievance, contact Lightning Leap Analytics Pvt Ltd at billing@toquorum.com. See also our Terms of Service.