Privacy Policy

Last Updated: June 30, 2026

General Information

This Privacy Policy explains how Lejit AI Software Private Limited, doing business as Lejit.ai hereinafter referred to as “Lejit”, “we”, “us”, or “our”, processes personal data when you access or use the website https://lejit.ai the “Site” and the services offered through it the “Services”.

This Privacy Policy is drafted in accordance with:

  • The Digital Personal Data Protection Act, 2023 India the “DPDP Act”; and
  • Globally recognised data protection standards, including the GDPR, where applicable.

“Personal Data” means any data about an individual who is identifiable by or in relation to such data.

Please read this Privacy Policy carefully before using the Site or Services.


Data Fiduciary / Data Controller

Legal entity name:
Lejit AI Software Private Limited

Trade name:
Lejit.ai

Registered address:
10/462, Ground Floor, Mandirathil Towers, Pathanapuram, Kerala, India, 689695

Contact email:
hello@lejit.ai

For the purposes of the DPDP Act, Lejit AI Software Private Limited acts as the Data Fiduciary.

For other jurisdictions, Lejit acts as the Data Controller, where applicable.


Purpose of Lejit

Lejit is an AI-powered legal workspace designed to help lawyers, law firms, corporate legal teams, law students, and individuals manage legal work more efficiently.

The Services may include features such as legal drafting support, case and matter management, legal document organisation, workflow assistance, task tracking, consultation management, scheduling, reminders, and other legal productivity tools.

Lejit processes Personal Data only to provide, secure, improve, and support the Services made available to users.


Personal Data We Collect

We may collect Personal Data directly from you, automatically through your use of the Site or Services, or from third parties.


1. Personal Data collected directly from you

This may include:

  • Identity and contact data, such as name, email address, and telephone number
  • Account data, such as username, password, and login details
  • Professional data, such as employer name, designation, role, or organisation details
  • Preference and usage data, such as selected features, settings, and preferences
  • Communications, including information shared when contacting us or using support features
  • Legal workflow information voluntarily provided by you while using the Services
  • Any other information you voluntarily provide to us


2. Personal Data collected from third parties

We may receive professional or contact details from your employer, organisation, or authorised administrator where such organisation has enabled your access to the Services.


3. Personal Data collected automatically

When you use the Site or Services, we may automatically collect:

  • IP address
  • Browser and device information
  • Usage and interaction data
  • Log files
  • Security and diagnostic data

Further details may be available in our Cookie Policy, where applicable.

 

Google User Data and Google API Usage

Lejit may allow users to sign in using their Google account and, where applicable, connect selected Google services such as Google Calendar to support legal workflow, scheduling, reminders, and case-related productivity features within the Lejit platform.

When a user chooses to sign in with Google or connect Google services, Lejit may request access to limited Google user data based on the permissions approved by the user.

This may include:

  • Google account email address
  • Google account name and basic profile information
  • Google Calendar information, where calendar access is enabled by the user

Lejit uses Google account information only for account creation, authentication, user identification, account access management, and personalisation of the user experience.

Where Google Calendar access is enabled, Lejit uses calendar data only to help users create, view, update, and manage legal workflow events such as client meetings, consultations, hearing dates, filing deadlines, case reminders, internal legal team tasks, and other case-related appointments within the Lejit platform.

Lejit does not use Google user data for advertising, profiling, resale, or unrelated third-party marketing purposes. Lejit does not sell, rent, or commercially share Google user data.

Google Calendar data, where accessed, is used only to provide calendar-related features requested or enabled by the user. Access is limited to the purpose for which the user has granted permission.

Lejit does not transfer Google user data to third parties except:

  • As necessary to provide or improve user-facing features that are clearly visible and requested by the user;
  • To comply with applicable law, regulation, legal process, or enforceable governmental request;
  • To protect against security threats, abuse, fraud, or unauthorised access; or
  • As part of a merger, acquisition, or sale of assets, subject to appropriate confidentiality and data protection safeguards.

Lejit does not allow humans to read Google user data unless:

  • The user has given explicit consent for support, troubleshooting, or security purposes;
  • It is necessary for security investigation, abuse prevention, or system integrity;
  • It is required to comply with applicable law; or
  • The data has been aggregated, anonymised, or otherwise processed so that it cannot reasonably identify the user.

Users may revoke Lejit’s access to their Google account or Google Calendar at any time through their Google Account permissions page or through applicable account settings within Lejit, where available.

Lejit’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Google requires apps using OAuth to clearly disclose how they access, use, store, or share Google user data, and the app’s use of Google user data must be limited to the practices disclosed in the published privacy policy.


Purpose and Legal Basis for Processing

We process Personal Data only for lawful purposes and in accordance with applicable laws.


1. Processing under the DPDP Act India

Under the DPDP Act, we process Personal Data on the following bases:

Consent:
Where required, we process Personal Data based on freely given, specific, informed, unconditional, and unambiguous consent, which may be withdrawn at any time.

Legitimate Uses:
We may process Personal Data without consent for certain legitimate uses permitted under the DPDP Act, including:

  • To provide and operate the Services
  • For security, fraud prevention, and system integrity
  • To respond to user requests, support queries, or complaints
  • For compliance with applicable laws

2. Processing under global data protection laws

Where applicable, including under the GDPR, we process Personal Data based on:

  • Performance of a contract
  • Legitimate interests
  • Legal obligations
  • Consent, where required

How We Use Personal Data

We use Personal Data to:

  • Provide, operate, and maintain the Site and Services
  • Manage user accounts and access
  • Authenticate users, including through Google Sign-In where enabled
  • Provide legal workflow, document, drafting, scheduling, reminder, and case management features
  • Communicate with users and respond to enquiries
  • Provide customer support and resolve technical issues
  • Improve performance, functionality, and user experience
  • Conduct analytics and generate aggregated insights
  • Send service-related or promotional communications, with opt-out options where applicable
  • Ensure security, compliance, fraud prevention, and legal obligations


Children’s Data

Lejit does not knowingly collect or process Personal Data of children.

For the purposes of the DPDP Act, a child means any individual below 18 years of age.

Our Site and Services are not intended for children.

If we become aware that Personal Data of a child has been collected without verifiable parental or guardian consent, we will take reasonable steps to delete such data as soon as possible.

We do not engage in tracking, profiling, or targeted advertising directed at children.

If you believe that a child’s Personal Data has been provided to us, please contact us at .


Sharing of Personal Data

We may share Personal Data with:

  • Service providers / Data Processors, such as IT infrastructure providers, hosting providers, analytics providers, customer support tools, and security service providers
  • Professional advisors, including legal, compliance, accounting, and audit advisors
  • Regulatory, law enforcement, or government authorities, where required by law
  • Business or organisational customers, where access to the Services is provided through an employer or organisation

All service providers are required to protect Personal Data and process it only for the purposes authorised by Lejit and in accordance with applicable legal and contractual obligations.

We do not sell Personal Data.


Storage and Security of Personal Data

We use reasonable technical, organisational, and administrative safeguards to protect Personal Data against unauthorised access, loss, misuse, alteration, disclosure, or destruction.

These safeguards may include access controls, authentication measures, encryption where appropriate, logging, monitoring, and internal access restrictions.

However, no method of transmission over the internet or electronic storage is completely secure. While we take reasonable steps to protect Personal Data, we cannot guarantee absolute security.


Cross-Border Data Transfers

Personal Data may be processed or stored outside India or your country of residence, including in jurisdictions with different data protection laws.

Where such transfers occur, Lejit ensures that:

  • Transfers comply with the DPDP Act and applicable global laws
  • Appropriate contractual, technical, and organisational safeguards are in place
  • Personal Data is processed only for the purposes described in this Privacy Policy


Data Retention

We retain Personal Data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • The duration of your relationship with Lejit
  • Providing the Services to you
  • Compliance with legal and regulatory obligations
  • Resolution of disputes
  • Enforcement of agreements
  • Security, fraud prevention, and audit purposes

Google user data, where collected, is retained only for as long as necessary to provide the connected Google-related features requested by the user, comply with legal obligations, resolve disputes, or maintain security.

Security logs may be retained for up to one year unless a longer retention period is required for legal, security, or compliance reasons.

Once retention periods expire, Personal Data is securely deleted, anonymised, or aggregated.


Your Rights

1. Rights under the DPDP Act India

Subject to applicable law, you may have the right to:

  • Access information about how your Personal Data is processed
  • Request correction or completion of inaccurate or incomplete Personal Data
  • Request erasure of Personal Data no longer necessary for the stated purpose
  • Withdraw consent at any time, where processing is based on consent
  • Nominate another individual to exercise your rights in case of death or incapacity
  • File a grievance or complaint

2. Global data subject rights

Where applicable, you may also have rights to:

  • Request access to your Personal Data
  • Request correction or deletion
  • Request data portability
  • Restrict or object to processing
  • Withdraw consent
  • Lodge a complaint with a supervisory authority

To exercise your rights, please contact us at hello@lejit.ai.

Revoking Google Access

Users who have connected their Google account or Google Calendar to Lejit may revoke access at any time through their Google Account permissions page.

After access is revoked, Lejit will no longer be able to access the relevant Google account or Google Calendar data unless the user grants permission again.

Certain previously processed data may be retained only where necessary for legal, security, compliance, dispute resolution, or legitimate operational purposes, in accordance with this Privacy Policy.


Grievance Redressal Officer

In accordance with the DPDP Act, you may contact our Grievance Redressal Officer at:

Email: hello@lejit.ai
Subject line: Privacy Grievance – DPDP Act

We will acknowledge and address grievances within timelines prescribed by applicable law.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last Updated” date.

Your continued use of the Site or Services after such updates constitutes acceptance of the revised Privacy Policy.