Effective Date: June 14, 2026
VerdictMind is a software platform operated by TwinTech AI LLC (“TwinTech,” “we,” “us”). It helps personal-injury and workers’-compensation law firms manage matters, documents, clients, and related case data, and includes a client-facing Client Portal. This Policy covers the VerdictMind application, the Client Portal, and our website at twintechai.com (the “Service”). Contact: TwinTech AI LLC, 732 S 6th St, Ste R, Las Vegas, NV 89101, privacy@twintechai.com.
Law firms that subscribe (“Firms”) decide what information goes into the Service. For the client, matter, medical, and financial information a Firm enters — including Protected Health Information (“PHI”) — the Firm is the controller and, where applicable, the HIPAA covered entity, and VerdictMind acts as the Firm’s service provider and HIPAA business associate, processing that information only on the Firm’s behalf under our agreement and Business Associate Agreement (“BAA”). For the Firm’s own account information, TwinTech is the controller. If you are a client of a Firm, please direct privacy questions to your Firm — they control your data.
To provide, operate, secure, and support the Service; authenticate users and enforce access controls; keep audit logs; process subscriptions and billing; send service/security notices; comply with law; and improve the Service. We do not use Firm client/matter data for advertising, and we do not sell personal information.
Certain features (e.g., case guidance, settlement/demand analysis, document tools) use third-party AI services, currently OpenAI, to process matter information. To provide them, relevant case data — which may include medical and financial details — is transmitted to the AI provider and the result returned to the Firm (or, for the Client Portal assistant, to the Firm’s client — drawn solely from that client’s own case information). Where PHI is involved, we use the provider under terms intended to protect it, including a Business Associate Agreement and/or a zero-data-retention configuration, and under which the data is not used to train the provider’s models. AI features are controlled by the Firm and produce assistive output that is not legal advice.
We do not sell personal information and do not share data across Firms. We share only with: subprocessors that help operate the Service — cloud hosting (Amazon Web Services), AI (OpenAI), email delivery (Google), and payment processing (Stripe), each under contract and, where PHI is involved, under a BAA; the Firm and its authorized users; as required by law or legal process; and in a business transfer, with notice.
VerdictMind may process PHI on a Firm’s behalf as a business associate. We enter into a BAA with each Firm and with subprocessors that handle PHI, maintain administrative, physical, and technical safeguards, and will notify the affected Firm of any breach of unsecured PHI as required.
We use safeguards including encryption in transit and at rest, least-privilege access controls, per-organization data isolation, server-side session management, audit logging of matter access, and managed database backups. No method is completely secure, but we work to protect information using commercially reasonable measures.
We retain information while the Firm’s account is active and as needed to provide the Service and meet legal obligations. On termination, client and matter data is returned or deleted per the Firm’s agreement and BAA; backups expire on a rolling schedule.
Firm users can review and update account information in the Service. Clients of a Firm should direct access, correction, or deletion requests to their Firm, which controls the data; we assist the Firm as its business associate. Depending on where you live, you may have additional privacy rights, and we will not discriminate for exercising them.
Because Firms operate nationwide, various state laws may apply (e.g., the California Consumer Privacy Act/California Privacy Rights Act and comparable laws). For data we process on a Firm’s behalf, requests route through the Firm; for data where TwinTech is the controller, contact privacy@twintechai.com.
Within the application and Client Portal we use only essential cookies for authentication and security, and no third-party advertising or cross-site tracking cookies. Our marketing website does not use third-party advertising or analytics trackers; you can control cookies in your browser.
The Service is a professional tool for law firms and is not directed to children; we do not knowingly collect personal information directly from children. A Firm may handle matters involving minor clients; such data is processed on the Firm’s behalf under our BAA.
The Service is operated and hosted in the United States. If you access it from outside the U.S., your information will be processed in the U.S.
The Service may link to third-party sites we do not control; their privacy practices are governed by their own policies.
Where a Firm enables text messaging, VerdictMind sends SMS text messages on the Firm’s behalf to the Firm’s clients about their legal matter — for example, appointment and deadline reminders, requests to upload documents, and notifications that a new secure message or update is available in the Client Portal. Texts are sent only to clients who have consented.
YES to a confirmation text sent from the Firm’s number. Consent to receive texts is not a condition of receiving legal services or using the Service.STOP to any message; no further messages will be sent. Reply START to opt back in.HELP for assistance, or contact the Firm.We may update this Policy from time to time. For material changes we will provide notice through the Service or by email and update the Effective Date. Continued use after the changes take effect constitutes acceptance.
Questions about this Policy or our handling of information: TwinTech AI LLC, 732 S 6th St, Ste R, Las Vegas, NV 89101, privacy@twintechai.com. Clients of a Firm should contact their Firm regarding their personal or health information.