VennBoard

Legal

Privacy Policy

Last updated: June 3, 2026 · Effective date: June 3, 2026

Your privacy matters to us. VennBoard, Inc. (“VennBoard,” “we,” “us,” or “our”) provides software that helps divorce and family-law professionals manage matters, intake, documents, court forms, finances, and client communication. Because so much of the information that flows through VennBoard is sensitive — financial records, communications about minor children, court submissions — we hold ourselves to a few core principles:

  • We only collect information we actually need to run the Service.
  • We keep information only for as long as it serves a real purpose, or as long as the law requires.
  • We make it straightforward for you and your firm to access, export, correct, and delete information.
  • We never sell your personal information.
  • We never use the content you put into VennBoard to train third-party machine-learning models.

This Privacy Policy explains what those principles mean in practice. If anything below is unclear, please reach out through our contact form.

The Short Version

  • We don’t sell your personal information.
  • We don’t run third-party ads inside the Service.
  • We don’t use your content to train third-party AI models.
  • You and your firm can access, export, correct, and delete the information you’ve put into VennBoard.
  • A small number of vetted subprocessors help us operate the Service. They are listed below.
  • VennBoard uses AI to help with intake summaries, document analysis, and court-form recommendations. We are transparent about where AI is involved, and a human always decides what to file.

1. Who We Are and What This Policy Covers

VennBoard, Inc. is a Delaware corporation headquartered at 251 Little Falls Drive, Wilmington, New Castle County, Delaware 19808, USA. We build a unified board where divorce professionals and the families they serve can manage matters, exchange documents, complete intake, produce court forms, and communicate.

This Privacy Policy applies to information we collect when you use:

  • Our marketing websites (including vennboard.com and any subdomain we operate);
  • The VennBoard application available to law firms and other professional users;
  • The VennBoard client portal and co-parenting workspace available to clients and family members invited by a firm; and
  • Our customer-support channels, sales communications, and recruiting/job application processes.

Together, the websites, applications, and related features are referred to in this Policy as the “Service.” This Policy does not cover the privacy practices of law firms, mediators, financial professionals, or other third parties that use VennBoard to deliver their services to you; those professionals’ own privacy notices apply to their relationship with you.

2. Information We Collect

We collect information from three sources: information you (or your firm) provide to us directly, information we collect automatically when you use the Service, and information we receive from other sources you have authorized.

2.1 Information You Provide

  • Account information. Name, email address, phone number, business or firm name, role (e.g., attorney, paralegal, client, co-parent), bar number where applicable, and authentication credentials.
  • Matter content. Information about legal matters that you or your firm enter into the Service. This typically includes party names, contact information, court and case identifiers, marriage and separation dates, names and birthdates of children, parenting plans, schedules, allegations, court hearings, and case notes.
  • Financial intake. Income, employment, assets, debts, tax returns, bank statements, retirement accounts, benefits letters, business financials, and similar information needed to complete court-required financial declarations.
  • Documents and uploads. Documents, photos, audio, and other files that you, your firm, your co-parent, or any other authorized user upload into the Service.
  • Court-form input. Field values, overrides, and instructions you provide while completing court forms within the Service.
  • Communications. Messages, comments, calendar events, tasks, and other items you exchange through the Service, as well as your communications with VennBoard support.
  • Payment information. If your firm pays for a VennBoard subscription, billing details and contact information for the responsible party. Payment-card details are submitted to and stored by our third-party payment processor; VennBoard receives only a tokenized reference, billing email, and limited card metadata (such as the last four digits and expiration date).
  • Job applicant information. If you apply for a role with us, the information in your application: name, contact information, resume or CV, work history, references, and any other materials you submit. We may also collect interview notes and, where lawful and role-appropriate, background and reference check results.

2.2 Information We Collect Automatically

  • Log and device information. IP address, browser type and version, operating system, device identifiers, screen size, time-zone, language, referring URL, pages requested, and timestamps.
  • Usage information. Actions you take in the Service — for example, opening a matter, generating a court form, sending a message, or uploading a document — together with the time and the user that performed them. We use this to operate the Service, render the Activity / Audit history that firms rely on, and improve features.
  • Approximate location. We may infer approximate location (typically city or region) from your IP address for security and analytics purposes. We do not collect precise GPS location from the web Service.
  • Cookies and similar technologies. Small data files stored in your browser that keep you logged in, remember your preferences, and let us understand how visitors use the marketing site. See “Cookies and Analytics” below.

2.3 Information We Receive from Other Sources

  • From your firm or co-parent. If you are invited into a matter or family workspace, your firm or co-parent will have provided your name, email, and relationship to the matter.
  • From financial-account integrations. If you choose to link a financial account through a financial-data provider, we receive the data fields you authorize that provider to share (such as account holder, institution name, balances, and transaction history) so we can populate your financial intake.
  • From document-storage integrations. If you choose to import documents from a connected cloud-storage account, we receive the files and metadata you authorize.
  • From identity providers. If you sign in using a single-sign-on provider, we receive the identifiers and basic profile fields the provider returns.

3. How and Why We Use Information

We use the information described above to:

  • Provide the Service. Create and maintain accounts; authenticate users; assemble matters; render documents and court forms; deliver messages, calendar events, and notifications; process payments.
  • Automate paperwork. Pre-fill court forms and declarations from the canonical matter data, generate intake summaries, propose forms relevant to the matter type, and suggest next steps. A human user always reviews and decides what to file.
  • Secure the Service. Detect and prevent fraud, abuse, account takeover, spam, and other security incidents; investigate and respond to suspected misuse; enforce our terms.
  • Support you. Respond to your help requests; diagnose issues; communicate with you about your account or matter.
  • Improve the Service. Understand usage patterns; measure feature effectiveness; build new features. Where the analysis would involve personal data, we work with the smallest set of fields needed.
  • Communicate. Send transactional and account-related notifications. With your consent or where otherwise permitted, send occasional product updates. You can opt out of non-transactional email at any time.
  • Comply with law. Meet our legal, regulatory, tax, audit, and reporting obligations; respond to lawful requests; cooperate with court process.
  • Evaluate job applicants. Assess fit for open roles; communicate with applicants; comply with employment laws.

4. Legal Bases for Processing (EEA and UK)

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with similar rules, we rely on the following legal bases to process your personal data:

  • Contract. Processing necessary to provide the Service you (or your firm) signed up for, including account administration and billing.
  • Legitimate interests. Operating, securing, and improving the Service; preventing fraud and abuse; understanding usage at an aggregate level; recruiting.
  • Legal obligation. Compliance with applicable law, regulation, or lawful order.
  • Consent. Specific activities for which we ask for your consent, such as certain analytics cookies or marketing emails. You can withdraw consent at any time.
  • Vital interests. In rare cases, to protect the vital interests of an individual.

5. How We Share Information

We share information only as described below, and with safeguards appropriate to the recipient.

  • Within a matter or family workspace. Content you place into a matter is visible to the firm staff assigned to it and to the parties and other professionals the firm has invited. Content you place into a co-parenting workspace is visible to the family members you have included.
  • With your firm. If you are a client, co-parent, or other party who has been invited into a matter, the firm operating that matter sees the information in it. The firm is the data controller for the matter content (see “Controllers and Roles” below).
  • With our subprocessors. We rely on a small number of vetted vendors to operate the Service. They process information only on our instructions and under written data-protection terms. The current list is in “Subprocessors” below.
  • For legal reasons. When we receive a valid subpoena, court order, or other legal process, and where we believe in good faith that disclosure is necessary to comply with law, enforce our terms, or protect the safety of any person. Where lawful, we will notify the affected user.
  • To protect rights and safety. When we believe disclosure is reasonably necessary to protect the property, rights, or safety of VennBoard, our users, or the public — including in response to a credible imminent risk of serious harm.
  • In a business transfer. If we are involved in a merger, acquisition, financing, or sale of all or part of our business, information may be transferred to the successor entity, which will continue to be bound by this Policy or one materially similar.
  • With your consent. When you ask us to share information with a third party.
  • Aggregated or de-identified information. We may share information that has been aggregated or de-identified so that it can no longer reasonably be used to identify you.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

6. Subprocessors

We use the following categories of subprocessors to operate the Service. Specific vendors within each category may change; the current list and any material additions will be reflected on this page.

  • Cloud infrastructure and storage. Amazon Web Services, Inc. (US) — hosting, storage, and data processing.
  • AI / machine learning inference. Amazon Web Services, Inc. (Amazon Bedrock, US) — foundation-model inference for document analysis, intake summaries, and court-form recommendations. Content sent to Bedrock is not retained by the foundation-model provider for training, per AWS’s data-handling commitments.
  • Transactional email. Amazon Web Services, Inc. (Amazon Simple Email Service, US) — sending account notifications and support correspondence.
  • Bot defense. Cloudflare, Inc. (US) — to protect public forms from automated abuse.
  • Web analytics. Where enabled by the firm or by VennBoard for the marketing site, a single web-analytics provider used to understand aggregate site usage. IP addresses are anonymized where the provider supports it.
  • Payment processing. A third-party payment processor receives the card details you submit during checkout. VennBoard does not store full card numbers.
  • Financial-account linking (optional). A third-party financial-data aggregator that you authorize to share specified data fields with VennBoard so we can populate your financial declaration.
  • Customer support tooling. Tools used internally by our team to track and respond to support requests.

7. AI and Automated Processing

VennBoard uses AI to help with tasks such as: summarizing intake documents, extracting structured values from PDFs and images, recommending which court forms apply to a matter, drafting outline language for client-visibility lists, and identifying which form a scanned PDF is. We follow these rules:

  • You decide. AI-produced output is presented as a suggestion. A human user accepts, edits, or rejects before anything is saved, sent, or filed.
  • Limited transmission. We send the smallest reasonably sufficient slice of content to the model for the task at hand — for example, an excerpt of a single document, not your whole matter.
  • No third-party training. Content you put into VennBoard is not used by third-party foundation-model providers to train their models. Our AI subprocessor (Amazon Bedrock) is contractually committed to this.
  • Sensitive identifiers. Our prompts are designed to avoid echoing full government identifiers (e.g., full SSN, driver’s-license, or passport numbers). Where we extract such fields, we store only what is needed (such as the last four digits) and prompt the user to confirm.
  • Logs and review. Inputs and outputs may be retained for a short period for debugging, abuse prevention, and quality review. They are not used to train models.

8. How Long We Keep Information

We retain information for as long as it is needed for the purposes described in this Policy, or as long as we are legally required to keep it. As a general guide:

  • Active accounts. Account, matter, document, and communications data remain available while your firm’s subscription is active.
  • Closed matters. Matter content remains in the Service after a matter is marked closed so that the firm can satisfy its own record-retention obligations (often 5–10 years for family-law records, depending on jurisdiction). The firm controls the timing of deletion.
  • Account closure. When a firm terminates its subscription, we make a copy of the firm’s data available for export for a reasonable period, then delete or de-identify the data within 90 days unless a longer period is required by law or by a legal hold.
  • Backups and logs. Encrypted backups, security logs, and audit records may persist for an additional defined period after deletion, after which they are purged on a rolling basis.
  • Marketing-site visitor logs. Web-server logs for vennboard.com are typically retained for around 30 days.
  • Job applicants. Application materials are retained for the duration of the recruiting process and for a reasonable period afterward to consider you for future roles, subject to applicable law.

9. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect information, including:

  • TLS encryption for data in transit;
  • Encryption at rest for stored documents and database fields containing sensitive content;
  • Role-based access controls and the principle of least privilege;
  • Mandatory authentication for staff access to production systems, with audit logging;
  • Regular vulnerability monitoring and security review.

No online service is perfectly secure. We encourage you to use a strong, unique password; enable any available second-factor authentication; and report suspected security issues to us through our contact form.

10. Your Choices

  • Provide less information. You can decline to provide optional information; some features may be unavailable as a result.
  • Manage cookies. Your browser lets you block or delete cookies. Doing so may break parts of the Service that depend on cookies (for example, staying logged in).
  • Opt out of marketing email. Every marketing email includes an unsubscribe link. We will still send service-related and account-related messages.
  • Close your account. Ask your firm administrator to deactivate your account; if you are the firm administrator, contact us. We may retain certain information as described in “How Long We Keep Information.”

11. Your Rights

Depending on where you live, applicable data-protection laws give you rights with respect to your personal information. These may include the rights described below. We honor the rights of all our users to the extent the relevant law applies to them.

11.1 EEA and UK (GDPR)

If you are located in a country that falls under the scope of the EU or UK GDPR, you have the rights to:

  • Request access to your personal data;
  • Request correction or deletion of your personal data;
  • Object to or restrict our processing of your personal data;
  • Withdraw consent where processing is based on consent;
  • Receive a portable copy of your personal data; and
  • Lodge a complaint with your local data-protection authority.

Because VennBoard usually acts as a processor for firm-controlled matter content, you may need to direct certain requests to the firm that controls your data.

11.2 California and other US States

If you are a California resident, this section serves as your “Notice at Collection.” In the previous 12 months, we collected the following categories of personal information, depending on the Service used:

  • Identifiers (name, contact information, account identifiers, IP address);
  • Commercial information (subscription, billing, purchase history);
  • Internet or network activity (logs, usage, audit history);
  • Geolocation data (approximate, from IP address);
  • Professional or employment-related information (firm, role, bar number);
  • Sensitive personal information (financial information you submit for intake; in limited cases, the last four digits of government identifiers; in some matters, information about minor children) — collected only to provide the Service, and not used to infer characteristics about you.

We use this information for the business purposes described in Section 3 above and share it as described in Section 5 above. We retain it for the periods described in Section 8.

Subject to applicable exemptions, residents of certain US states have the right to:

  • Know the categories of personal information we have collected, used, and shared;
  • Access specific pieces of personal information we hold about you;
  • Request correction of inaccurate personal information;
  • Request deletion of personal information;
  • Receive a portable copy of your personal information;
  • Limit the use or disclosure of sensitive personal information; and
  • Opt out of any “sale” or “sharing” of personal information for cross-context behavioral advertising. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

You will not receive discriminatory treatment for exercising these rights.

11.3 How to Exercise Your Rights

To exercise any of these rights, contact us through our contact form. Before we can act, we need to reasonably verify your identity — usually by confirming your request from the email address on your account. You may designate an authorized agent in writing. If we deny a request, we will tell you why and you may appeal that decision by replying to our denial; appeals are reviewed by someone who was not involved in the original decision.

12. Cookies and Analytics

We use cookies and similar technologies to keep you logged in, remember your preferences, secure forms (for example, by detecting automated submissions), and measure aggregate use of our marketing site. On our marketing site, we may load a single web-analytics tag (such as Google Analytics 4) with IP-anonymization enabled. You can disable analytics by blocking cookies in your browser or using your browser’s privacy settings. We honor the Global Privacy Control (GPC) browser signal where applicable as an opt-out of any “sale” or “share” of personal information.

13. Children’s Information

The Service is built for use by adult professionals and adult parties to legal matters. We do not direct the Service to children under 13 (or under 16 in the EEA), and we do not knowingly collect personal information from children. Information about minor children — for example, names, ages, schedules, or allegations — may appear inside matters when entered by adult users. That information is treated as part of the adult user’s matter content and is subject to the access controls described in this Policy.

14. International Data Transfers

VennBoard is operated from the United States and stores information on cloud infrastructure located in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. Where required by law, we use appropriate safeguards (such as Standard Contractual Clauses) for international transfers.

15. Controllers and Roles

VennBoard can be either the controller or the processor of personal information, depending on the activity:

  • Controller. For our marketing sites, account-administration data (who is a registered user), billing data, and our own operational analytics, VennBoard, Inc. is the controller.
  • Processor / service provider. For the matter content that a law firm or other professional creates and stores in the Service, the firm is the controller and VennBoard acts as their processor under our Customer Agreement (and any applicable Data Processing Addendum). If you are a client, co-parent, or third party in a matter and you want to exercise rights over that content, please first contact the firm running the matter; we will assist the firm in fulfilling your request.

16. Changes to This Policy

We may update this Policy from time to time. If we make a material change, we will provide reasonable advance notice (for example, by email to firm administrators or a notice in the Service). The “Last updated” date at the top of this Policy reflects the most recent revision. Continued use of the Service after a change takes effect means you accept the revised Policy.

17. How to Reach Us

If you have a question about this Policy, or if you would like to exercise one of the rights described above, please contact us:

  • Online: our contact form
  • By mail: VennBoard, Inc., 251 Little Falls Drive, Wilmington, New Castle County, Delaware 19808, USA

This Policy is adapted in part from the Automattic Privacy Policy, which Automattic, Inc. has made available under a Creative Commons Sharealike license. The adaptation here reflects VennBoard’s own practices.