Privacy Policy
Last updated on April 20, 2026.
- Applies to
- SternBench Research
- Access
- Public
- Status
- Published
This Privacy Policy describes how 1577750 B.C. Ltd, doing business as Stern Bench ("Stern Bench," "we," "us," or "our"), collects, uses, and protects information when you use Stern Bench Research (the "Service").
1. Information We Collect
1.1 Account Information
When you create or use an account for the Service, we may collect:
- email address;
- account or user identifiers;
- authentication metadata, including login timestamps and authentication method; and
- limited account settings and preferences.
1.2 Research Interactions
When you use the Service:
- prompts, requests, and related research interactions are processed in real time to provide the Service;
- the Service may generate AI-assisted outputs, summaries, citations, or other research artifacts in response to your prompts;
- in the current session-scoped Research lane, Stern Bench does not retain durable user-visible prompt or output history by default;
- prompts and outputs may remain visible within the active browser session and may be used for follow-up interactions within that session; and
- unsent draft text or related UI state may be stored locally in your browser to support session continuity.
If Stern Bench later enables saved folders, saved outputs, or similar account-linked research-management features, materials you choose to retain through those features may be stored in association with your account.
1.3 Usage, Security, and Device Data
We automatically collect limited technical and operational information, which may include:
- IP address or hashed IP address;
- browser type and basic device identifiers;
- session or account identifiers;
- timestamps and request metadata;
- aggregate usage records;
- rate-limit, bot-protection, abuse-prevention, or fraud-prevention signals;
- landing path and campaign or attribution metadata; and
- performance, reliability, and error data.
1.4 Case Corpus and Platform Data
The Service also makes available Stern Bench's curated corpus of publicly available judicial decisions and related case metadata. That corpus is independently collected and maintained by Stern Bench and is not personal information collected from you merely because you use the Service.
2. How We Use Information
We use collected information to:
- provide and operate the Service, including AI-assisted legal research and citation-backed responses;
- maintain account preferences and basic session continuity;
- maintain security, detect abuse, prevent misuse, and enforce our Terms;
- support debugging, service reliability, and incident response;
- measure aggregate service usage and improve functionality and performance; and
- communicate service-related updates and material changes.
We do not use your information for advertising purposes. We do not sell personal information to third parties.
3. AI Processing and Infrastructure
The Service uses third-party infrastructure and AI services to deliver research functionality.
In the current launch-shaped Research path:
- prompts, relevant case-corpus context, and other necessary service inputs may be processed through the Stern Bench Research API and related infrastructure used to deliver research functionality;
- relevant prompts and service inputs may be processed through Azure-hosted infrastructure and Azure OpenAI services together with internal authority or retrieval services used to support authority-backed responses; and
- identity, access-control, hosting, delivery, rate-limiting, and related providers may process separate technical and operational data needed to operate and secure their services.
Stern Bench does not use your Content or Customer Data to train Stern Bench's own general-purpose AI models.
4. Service Providers
We use service providers to operate the Service. These may include:
| Provider | Purpose | Data Processed |
|---|---|---|
| Vercel | Web application hosting and delivery | Request data, delivery metadata, IP addresses |
| Microsoft Azure / Azure Container Apps | Research API hosting, infrastructure, and cloud operations | Request metadata, service metadata, and other operational data needed to deliver the Service |
| Azure OpenAI Service | AI-assisted research processing | Prompts, relevant case-corpus materials, and service inputs needed to generate outputs |
| Clerk or another identity or access provider used for the applicable deployment | User identity and session management | Email, account identifiers, authentication metadata |
| Redis or similar rate-limiting or abuse-prevention infrastructure | Rate limiting and abuse prevention | IP-based counters, session-level counters, and related operational metadata |
We may update the provider stack from time to time as the Service evolves.
5. Data Retention
We retain different categories of data for different periods:
| Data Category | Retention Approach |
|---|---|
| Account information | Retained while your account remains active, unless a shorter or longer period applies under the applicable arrangement |
| Session-scoped prompt and output history | Not retained as durable user-visible account history by default |
| Operational security, usage, attribution, and error records | Retained for limited operational, security, and troubleshooting periods |
| Local browser storage | May remain on your device until cleared from the browser or device |
| Aggregated or anonymized analytics | May be retained indefinitely |
Even where prompt or output history is not retained as durable user-visible history, operational and infrastructure metadata may be retained separately from session-visible content.
6. Cookies and Local Storage
We use limited first-party session technologies and local browser storage to:
- maintain authenticated sessions where enabled;
- remember basic preferences, draft text, or UI state; and
- support basic service continuity and usability.
We do not use advertising cookies or marketing trackers.
7. Data Security
We implement reasonable administrative, technical, and organizational measures to protect information, including:
- encryption in transit over public networks;
- access controls designed to limit internal access to authorized personnel who require it for support, security, operational, or legal-compliance purposes;
- infrastructure hosted on established cloud providers; and
- logging, monitoring, and incident-response practices appropriate to the Service's current stage.
No system can be guaranteed to be completely secure.
8. International Data Processing
Stern Bench is based in British Columbia, Canada. Depending on the deployment architecture and service providers used, information may be processed in Canada, the United Kingdom, the United States, or other jurisdictions where our service providers operate.
Where required, Stern Bench relies on appropriate contractual or legal safeguards for cross-border processing.
9. Your Rights
You may have the right to:
- access personal data we hold about you;
- correct inaccurate or incomplete information;
- request deletion of your account and associated retained personal data; and
- object to or request restrictions on certain processing where applicable law provides those rights.
To exercise these rights, contact founder@sternbench.com.
10. Children's Privacy
The Service is not directed to children under 16, and we do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the Service or by email where appropriate.
12. Contact
For privacy-related inquiries, contact founder@sternbench.com.
Contact
Questions about this document can be directed to founder@sternbench.com.