Daymark Privacy Policy

Effective Date: May 31, 2026
Last Updated: May 31, 2026

Hypercowboy LLC, doing business as Daymark ("Daymark," "we," "us," or "our"), provides a governed legal AI workspace for law firms and legal professionals (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit www.DaymarkLaw.com, use the Service, interact with our marketing or support channels, or otherwise communicate with us.

This Privacy Policy is written for a business-to-business service. Daymark's customers are law firms or other legal organizations ("Customers"). Individual users generally access the Service through their firm or organization.

1. Scope of This Policy

This Privacy Policy applies when Daymark acts as a controller or business for personal information we collect and use for our own business purposes, including:

• website visits, demo requests, waitlist forms, and marketing interactions;
• account, profile, authentication, and firm-administration information;
• billing, subscription, payment, and procurement information;
• support, security, product telemetry, and service-usage metadata;
• cookies, pixels, analytics, advertising, and similar tracking technologies; and
• other communications you send to Daymark outside the Customer Data handled under a Customer Agreement.

This Privacy Policy does not govern Customer Data processed by Daymark on behalf of a Customer under a customer agreement, order form, data processing addendum, business associate agreement if applicable, or similar agreement (collectively, the "Customer Agreement").

2. Customer Data and Legal Content

When a Customer or its authorized users submit, upload, generate, or store legal work in the Service, that content is "Customer Data." Customer Data may include client documents, matter materials, prompts, outputs, chat history, uploaded files, citations, Vault content, matter metadata, and similar legal-work content.

Daymark processes Customer Data as a processor or service provider on behalf of the Customer. The Customer controls Customer Data and is responsible for determining whether it may be submitted to the Service and for providing any notices or obtaining any permissions required by law or professional obligations.

Daymark's processing of Customer Data is governed by the applicable Customer Agreement, not this Privacy Policy. Requests relating to Customer Data should generally be directed to the Customer that controls the relevant account or matter.

Daymark does not use Customer Data to train, fine-tune, or improve AI models. Daymark's model-provider and AI-infrastructure path for Customer Data is governed by the Customer Agreement, including no-training and zero-data-retention commitments where applicable. Details about Customer Data retention, export, deletion, subprocessors, data locations, and security commitments belong in the Customer Agreement, DPA, security exhibit, and subprocessor list.

Support channels are not intended for submitting client documents, prompts, outputs, or other privileged or confidential Customer Data unless Daymark provides a controlled support procedure for that purpose.

3. Information We Collect

We collect personal information in the categories below.

Category	Examples	Source
Contact and identity information	Name, business email, phone number, firm/organization, title, role, mailing address, professional affiliation	You, your firm, demo/contact forms, events, business development sources
Account and authentication information	User ID, account credentials or authentication metadata, role, permissions, firm workspace, login timestamps, SSO/OAuth metadata if enabled	You, your firm, authentication providers, the Service
Billing and commercial information	Billing contact, invoice information, subscription status, plan, seats, usage allowance, payment status, transaction metadata	You, your firm, Stripe or other payment processors
Service usage metadata	Features used, pages or screens viewed, matter/workspace identifiers, request counts, model selections, token/cost metadata, timestamps, settings, preferences	The Service and system logs
Device, log, and network information	IP address, browser type, device type, operating system, referrer, session identifiers, error logs, security logs	Your browser/device, cookies, server logs, security tools
Support and communications information	Messages to Daymark, support tickets, feedback, survey responses, call notes, email interactions	You, your firm, support and communication tools
Marketing and event information	Demo requests, waitlist status, campaign source, ad interactions, email opens/clicks, webinar/event attendance, publicly available professional information	You, marketing partners, event hosts, public sources
Cookies and tracking information	Cookie IDs, pixel IDs, website analytics, ad campaign identifiers, approximate location from IP address, browsing activity on our website	Cookies, pixels, analytics, advertising, and similar technologies

We may also create aggregated or deidentified information from personal information or service metadata. We do not attempt to reidentify deidentified information except as permitted or required by law.

4. How We Use Personal Information

We use personal information to:

• provide, operate, secure, and improve the Service;
• create and administer accounts, workspaces, roles, permissions, authentication, and access controls;
• process payments, invoices, subscriptions, renewals, usage allowances, top-ups, and related billing matters;
• provide customer support and respond to inquiries, feedback, or requests;
• monitor service performance, usage, reliability, security, fraud, and abuse;
• maintain audit, security, billing, and compliance records;
• communicate with users and Customers about the Service, changes, security, billing, and support;
• market Daymark, measure marketing performance, personalize outreach, and show ads where permitted by law;
• conduct surveys, product research, and business development;
• comply with legal obligations, enforce agreements, and protect rights, safety, property, users, Customers, and the Service; and
• support corporate transactions such as financing, merger, acquisition, reorganization, or sale of assets.

We do not use Customer Data for advertising or model training.

5. How We Disclose Personal Information

We may disclose personal information to:

• Customers and firm administrators: for account administration, workspace management, audit, billing, support, security, usage, and compliance purposes.
• Service providers and subprocessors: vendors that help us host, secure, operate, support, bill, analyze, market, or improve the Service.
• Payment processors: such as Stripe, to process payments, invoices, subscriptions, and related billing.
• Cloud, infrastructure, AI, and security providers: such as Microsoft Azure, Supabase, OpenAI, Anthropic, object-storage providers, authentication providers, logging/security tools, and similar vendors, depending on the final production stack and Customer Agreement.
• Marketing and analytics partners: providers that help us measure website usage, run campaigns, understand audience interest, and advertise Daymark, including Google Ads and Meta advertising tools if enabled in the future.
• Professional advisors: lawyers, accountants, auditors, insurers, bankers, and consultants.
• Authorities or parties in legal proceedings: when we believe disclosure is required by law, subpoena, court order, legal process, or to protect rights, safety, or security.
• Transaction parties: in connection with a financing, merger, acquisition, reorganization, bankruptcy, or sale of assets.
• Others at your direction or with consent.

We do not sell personal information for money. If we use advertising, analytics, pixels, or similar marketing technologies, some disclosures to advertising or analytics partners may be considered a "sale," "sharing," or targeted-advertising disclosure under certain state privacy laws. See Section 8 for additional information.

6. Cookies, Analytics, Advertising, and Similar Technologies

Daymark uses or plans to use cookies, pixels, web beacons, SDKs, local storage, and similar technologies for:

• Essential operations: authentication, session management, fraud prevention, security, load balancing, and service availability.
• Preferences and functionality: remembering settings, firm/workspace context, and interface preferences.
• Analytics and product measurement: understanding website and Service usage, performance, errors, conversion, and feature adoption.
• Marketing and advertising: measuring campaigns, attributing demo requests, retargeting or reaching business audiences, and improving outreach.

Daymark is not using advertising tools at initial publication. Daymark may later use Google Ads, Meta advertising tools, and other marketing tools, including analytics, email marketing, CRM, and cookie-consent tools, after the relevant disclosures and controls are implemented.

You can control cookies through your browser settings. If Daymark uses non-essential cookies, advertising pixels, or cross-context behavioral advertising tools, Daymark will provide appropriate notices and choices where required.

Do Not Track and Preference Signals

Some browsers offer "Do Not Track" or other privacy preference signals. There is not a uniform industry standard for responding to those signals. Daymark will respond to legally required signals as required by applicable law once the relevant tooling is enabled.

7. Your Privacy Choices and Rights

Depending on where you live and subject to applicable law, you may have rights to:

• access personal information we maintain about you;
• correct inaccurate personal information;
• delete personal information;
• receive a copy of certain personal information in a portable format;
• opt out of marketing communications;
• opt out of sale, sharing, or targeted advertising where applicable;
• limit certain uses or disclosures of sensitive personal information where applicable; and
• appeal a denial of a rights request where applicable.

You may update certain account information in the Service. You may opt out of marketing emails by using the unsubscribe link in those emails.

To submit a privacy request, contact us at hello@daymarklaw.com. We may need to verify your identity or authority before fulfilling a request. If your request relates to Customer Data controlled by a Customer, we may direct you to that Customer or assist the Customer in responding according to the Customer Agreement.

8. U.S. State and California Privacy Disclosures

This section is intended to support U.S. and California-ready disclosures. Daymark will update this section if its business, marketing stack, or legal thresholds change.

Categories of Personal Information

In the last 12 months, Daymark may have collected the following categories of personal information:

Category	Examples	Purposes	Disclosed to
Identifiers	Name, email, phone, IP address, account ID, firm name	Account administration, communication, support, marketing, security	Service providers, Customers/admins, marketing partners, advisors
Customer records / commercial information	Billing contact, subscription, invoices, transaction metadata, plan, seat count	Billing, procurement, account management, compliance	Payment processors, service providers, Customers/admins, advisors
Professional or employment-related information	Job title, firm, role, practice area, professional affiliation	Business development, service personalization, account administration	Service providers, marketing partners, Customers/admins
Internet or network activity	Website visits, cookie IDs, referrer, email interactions, Service usage metadata	Analytics, security, service improvement, marketing	Analytics, advertising, cloud/security providers
Geolocation information	Approximate location inferred from IP address	Security, fraud prevention, analytics, regional compliance	Service providers
Audio/electronic communications	Support calls, emails, chats, feedback, survey responses	Support, training, quality assurance, dispute resolution	Support/communication vendors, advisors
Inferences	Marketing segment, product interest, account health, likely firm needs	Marketing, business development, customer success	Marketing/CRM providers, internal teams
Sensitive personal information	Account login credentials or authentication data; Customer Data may contain sensitive data controlled by the Customer	Account security, authentication, service delivery under Customer Agreement	Authentication/security providers; Customer Data subprocessors under Customer Agreement

Daymark does not knowingly collect personal information from minors and does not knowingly sell or share personal information of minors.

Sale, Sharing, and Targeted Advertising

Daymark does not sell personal information for money.

If Daymark enables advertising pixels, retargeting, cross-context advertising, or similar marketing tools, we may disclose identifiers, internet/network activity, commercial information, and inferences to advertising and analytics partners. Under California and some other state laws, this may be considered "sharing," "sale," or targeted advertising even if no money changes hands.

If Daymark enables advertising tools that require additional privacy choices, Daymark will provide the appropriate notices and choices at that time. You may also contact hello@daymarklaw.com.

California Residents

If you are a California resident and applicable law gives you privacy rights, you may request to know, access, correct, delete, or receive a copy of certain personal information; opt out of sale or sharing; limit certain uses of sensitive personal information; and not be discriminated against for exercising privacy rights.

Daymark will not discriminate against you for exercising applicable privacy rights. To exercise rights, contact hello@daymarklaw.com.

9. Security

Daymark uses administrative, technical, and organizational safeguards designed to protect personal information and Customer Data, including encryption, access controls, authentication, least-privilege access, and logging appropriate to the data and risk.

No internet or electronic storage system is perfectly secure. Daymark cannot guarantee absolute security, but it designs the Service around law-firm confidentiality, per-firm isolation, governed AI routing, and controlled access.

Do not send client documents, prompts, outputs, or other privileged materials to ordinary support, marketing, or sales channels unless Daymark provides a controlled process for doing so.

10. Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain accounts, support Customers, comply with legal obligations, resolve disputes, enforce agreements, prevent fraud, maintain security, and run our business.

General retention approach:

• account information: for the duration of the account plus a reasonable period after closure;
• billing and transaction records: as required for tax, accounting, legal, and audit purposes;
• marketing information: until you opt out or the information is no longer useful for the purpose collected;
• security and service logs: for a period appropriate to security, operational, and compliance needs;
• Customer Data: retained, exported, held, or deleted according to the Customer Agreement and firm-controlled retention settings where available.

When we no longer need personal information, we delete, deidentify, or aggregate it unless retention is required or permitted by law.

11. Children's Privacy

The Service is intended for business and professional use by law firms and legal professionals. It is not directed to children or minors under 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information to Daymark, contact us at hello@daymarklaw.com.

12. Third-Party Services

The Service may use or connect to third-party services. Current or planned vendors include Supabase, Microsoft Azure, Stripe, OpenAI, Anthropic, Google Workspace for business communications, and final production object-storage, analytics, CRM, email, Google Ads, and Meta advertising tools to be selected or enabled later.

Third-party services may have their own privacy terms. Daymark's subprocessor and data-location disclosures for Customer Data will be maintained separately in the Customer Agreement, DPA, subprocessor list, and security materials.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date and provide notice as appropriate, such as by posting a notice on our website or in the Service, sending email notice, or using another reasonable method.

Your continued use of the website or Service after an updated Privacy Policy becomes effective means that the updated policy applies to personal information collected after the effective date, subject to applicable law.

14. Contact Us

If you have questions about this Privacy Policy or Daymark's privacy practices, or if you want to submit a privacy request, contact us at:

Hypercowboy LLC d/b/a Daymark
Attn: Privacy
318 Main Street, Ste 101
Evansville, Indiana 47708
Email: hello@daymarklaw.com
Website: www.DaymarkLaw.com

For support inquiries, use hello@daymarklaw.com. Do not send client documents, prompts, outputs, or privileged matter materials through ordinary support channels unless instructed by Daymark through a controlled support procedure.