Privacy Policy

Effective Date: March 7, 2026
Operated by Ideax LLC

Ideax LLC, operating as OpenEsq ("we," "us," or "our"), is committed to protecting the privacy of individuals and organizations that visit our website at openesq.com (the "Site") and use our services (the "Services"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have. Please read it carefully.

By accessing the Site or using the Services, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Site or Services.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you provide when you:

  • Submit an inquiry or request a briefing through the Site (name, work email address, company name, and any information included in your message)
  • Register for an account or onboard to the platform (name, email address, company details, billing information, and role)
  • Submit a matter through the platform API or portal (documents, metadata, agent-generated analysis, and any other content included in the submission)
  • Communicate with us by email or other channels
  • Enter into an advisory engagement with us (contact details, company information, and information shared in the course of the engagement)

1.2 Information We Collect Automatically

When you visit the Site, we and our service providers may automatically collect certain technical information, including:

  • IP address and approximate geographic location derived from IP address
  • Browser type, version, and operating system
  • Pages visited, time spent on pages, and referring URLs
  • Device identifiers and connection information
  • Cookies and similar tracking technologies, as described in Section 6 below

We use this information to operate and improve the Site, understand how visitors use it, and for security purposes. We do not use it to build individual behavioral profiles for advertising.

1.3 Information from Matter Submissions

When you submit a legal matter through the platform, we receive the content of that submission, including any documents, contracts, data, or other materials you upload ("Submitted Content"). Submitted Content is treated as confidential and is processed only for the purpose of delivering the Services. It is not used for any other purpose, including training machine learning models, without your explicit consent.

2. How We Use Information

We use the information we collect for the following purposes:

  • To provide, operate, and improve the Site and Services
  • To process and route matter submissions to network attorneys
  • To communicate with you about your account, matters, and engagements
  • To respond to inquiries and fulfill briefing requests
  • To send operational notifications, service updates, and security alerts
  • To enforce our Terms of Service and other agreements
  • To comply with applicable legal obligations and respond to lawful requests from government authorities
  • To detect, investigate, and prevent fraud, abuse, and security incidents
  • To analyze aggregate, anonymized usage patterns to improve the platform

We do not sell your personal information. We do not use your personal information or Submitted Content for advertising or marketing to third parties.

3. How We Share Information

3.1 Network Attorneys

When you submit a matter through the platform, relevant Submitted Content and associated metadata are shared with the licensed attorney assigned to review your matter. That attorney is bound by professional obligations of confidentiality applicable to the attorney-client relationship and by their firm's own privacy and data handling policies.

3.2 Service Providers

We work with third-party vendors who assist us in operating the Site and delivering the Services. These include cloud infrastructure providers, document processing services, payment processors, and business operations tools. These vendors are permitted to use your information only to perform services on our behalf and are contractually required to protect it.

3.3 Legal and Compliance

We may disclose your information if we believe disclosure is required by applicable law, regulation, or legal process, or if we believe disclosure is necessary to protect the rights, property, or safety of Ideax LLC, our users, or the public.

3.4 Business Transfers

In the event of a merger, acquisition, sale of assets, or other business transition, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

3.5 With Your Consent

We may share your information for other purposes with your explicit consent.

4. Data Retention

We retain personal information and Submitted Content for as long as necessary to provide the Services, fulfill the purposes described in this Privacy Policy, and comply with our legal obligations.

For platform clients, default matter retention periods are specified in your engagement terms. Retention periods are configurable on request. Upon expiration of the applicable retention period, we delete or anonymize Submitted Content in accordance with our data lifecycle policies.

Contact and inquiry information collected through the Site is retained for a reasonable period to respond to your inquiry and for our legitimate business purposes, and is deleted upon request.

5. Data Security

We implement technical and organizational measures designed to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures include encryption of data in transit and at rest, access controls, and regular security reviews.

No system is completely secure. We cannot guarantee that your information will never be subject to unauthorized access. If you believe your account has been compromised, please contact us immediately at team@ideax.co.

For clients in regulated industries, we offer Business Associate Agreements (BAA) for HIPAA-covered data and Data Processing Agreements (DPA) for GDPR purposes. Please contact us to request these agreements.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Site, remember your preferences, and understand how visitors use our pages. We use the following categories of cookies:

  • Strictly necessary cookies: Required for the Site to function. These cannot be disabled.
  • Analytics cookies: Help us understand how visitors interact with the Site. We use anonymized, aggregated data only. You may opt out by adjusting your browser settings.
  • Preference cookies: Remember your settings and choices across sessions.

We do not use advertising or cross-site tracking cookies. We do not permit third-party advertisers to place cookies on the Site.

Most browsers allow you to control cookies through their settings. Disabling certain cookies may affect the functionality of the Site.

7. Third-Party Links and Services

The Site may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party sites or services you access.

8. Children's Privacy

The Site and Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal information from a minor without parental consent, we will take steps to delete that information promptly.

9. Virginia Privacy Rights

If you are a Virginia resident, the Virginia Consumer Data Protection Act (VCDPA) may provide you with certain rights regarding your personal data. These rights include:

  • The right to know whether we process your personal data and to access that data
  • The right to correct inaccuracies in your personal data
  • The right to delete personal data you have provided or that we have collected about you
  • The right to obtain a copy of your personal data in a portable format
  • The right to opt out of the sale of personal data (we do not sell personal data)
  • The right to opt out of targeted advertising (we do not engage in targeted advertising)

To exercise any of these rights, please contact us at team@ideax.co. We will respond to your request within the timeframes required by applicable law. We will not discriminate against you for exercising your privacy rights.

Note that certain exemptions apply under the VCDPA. For example, data processed in the context of an attorney-client relationship may be subject to professional privilege and other legal obligations that affect our ability to fulfill certain requests.

10. International Users and GDPR

OpenEsq is operated from the United States. If you are accessing the Site from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data only where we have a lawful basis to do so under applicable data protection law, including:

  • Performance of a contract with you or to take steps at your request prior to entering a contract
  • Our legitimate interests, provided those interests are not overridden by your rights and freedoms
  • Compliance with a legal obligation
  • Your consent, where we have obtained it

If you are subject to GDPR and would like to exercise your rights (access, rectification, erasure, restriction, portability, or objection), or if you have questions about our legal bases for processing, please contact us at team@ideax.co. For enterprise clients requiring a Data Processing Agreement, we will provide one on request.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the revised version on the Site with an updated effective date. For material changes, we will provide additional notice, such as a notification to the email address associated with your account. Your continued use of the Site or Services after the effective date of a revised policy constitutes your acceptance of the changes.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Ideax LLC
Operating as: OpenEsq
Email: team@ideax.co

This Privacy Policy was last updated on March 7, 2026.