QanoonAI

Privacy Policy

Last updated: February 2026

1. Introduction

QanoonAI ("we," "us," or "our") operates QanoonAI.pk, an AI-powered legal intelligence platform serving Pakistan's legal ecosystem. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

2. Information We Collect

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, professional role (judge, lawyer, student, or citizen), bar council registration number (for lawyers), and court affiliation (for judges).
  • Usage Data: Documents you upload, queries you submit, AI-generated outputs, and calculator inputs.
  • Technical Data: IP address, browser type, device information, and access timestamps.
  • Payment Data: Billing information processed through our payment provider (PayFast). We do not store full payment card details on our servers.

3. How We Use Your Information

  • To provide, maintain, and improve our AI legal tools and services.
  • To authenticate your identity and enforce role-based access controls.
  • To process your queries through our RAG (Retrieval-Augmented Generation) pipeline.
  • To generate immutable audit trails for compliance and security purposes.
  • To communicate with you about your account, updates, and support requests.
  • To comply with applicable Pakistani laws and regulations.

4. Data Isolation & Security

We implement strict data isolation measures, particularly for judicial users:

  • Judicial data is stored in isolated database partitions with separate encryption keys.
  • All data is encrypted at rest (AES-256) and in transit (TLS 1.3).
  • Mandatory two-factor authentication is enforced for judicial accounts.
  • Audit logs are hash-chained and immutable, retained for 7-10 years.
  • Lawyer tools and judicial tools operate in completely separate workspaces with no cross-access.

5. Data Sharing

We do not sell your personal information. We may share data only with: (a) service providers who assist in operating our platform (hosting, payment processing, AI model providers) under strict confidentiality agreements; (b) law enforcement or regulatory authorities when required by Pakistani law; (c) with your explicit consent.

6. Data Retention

We retain your account data for as long as your account is active. Usage data and audit logs are retained for 7-10 years in compliance with legal record-keeping requirements. You may request deletion of your account and associated data by contacting us, subject to legal retention obligations.

7. Your Rights

Under applicable Pakistani law, including the Electronic Transactions Ordinance, you have the right to: access your personal data, request correction of inaccurate data, request deletion of your data (subject to legal retention requirements), and withdraw consent for data processing.

8. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@qanoonai.pk.