Privacy Policy
Last updated: April 21, 2026.
This policy is a placeholder pending legal review. The substantive commitments below reflect how Oryn operates today; the exact language will be finalized before general availability.
What we collect
When you use Oryn, we collect information you provide directly (account and firm information, matter data your firm enters), information generated in use (audit events, timestamps, device information), and minimal third-party authentication tokens (Auth0, Microsoft 365, Google, Dropbox Sign, LawPay) necessary to provide the product.
What we don\u2019t do
We do not sell, rent, or share personal information with advertisers. We do not use firm or matter data to train AI models. We do not share information across firms; every firm\u2019s data is isolated.
How we protect it
See our security page for the technical controls. In short: encryption at rest and in transit, per-firm isolation enforced at the database layer, audit logs for every artifact write, and MFA-enforced authentication.
Your rights
Firm administrators can export or delete firm data at any time. Individual users can request their own activity history through the firm administrator. For rights under GDPR, CCPA, or other applicable laws, contact trust@decoded-systems.com.