Skip to main content
LawMadeSimple logoLawMadeSimple

Privacy Policy

Last updated: February 2026

LawMadeSimple ("we," "us," or "our") is committed to protecting your privacy and personal data in accordance with the Nigeria Data Protection Regulation (NDPR) and other applicable data protection laws.

1. Data We Collect

We collect the following types of personal data:

Account Information

  • Email address (required for account creation)
  • Name (optional, for personalization)
  • Profile picture (if you sign in with Google, Apple, or Facebook)

Usage Data

  • Search queries (to improve search results)
  • Bookmarked sections and scenarios
  • AI explanation requests and feedback
  • Device and browser information

Technical Data

  • IP address (hashed for privacy, used for rate limiting)
  • Cookies and similar technologies (for authentication)

2. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: To provide AI-powered legal explanations, search functionality, and bookmarking features
  • Account Management: To authenticate users and manage your account
  • Service Improvement: To analyze usage patterns and improve our platform
  • Rate Limiting: To prevent abuse and ensure fair usage
  • Legal Compliance: To comply with applicable laws and regulations

3. Legal Basis for Processing

We process your data based on:

  • Consent: When you create an account and accept our terms
  • Contract: To provide the services you requested
  • Legitimate Interest: For security, fraud prevention, and service improvement

4. Third-Party Services

We use trusted third-party services to operate our platform. These providers are contractually obligated to protect your data:

  • Supabase: Database hosting and authentication (EU-based)
  • OpenAI: AI-powered explanations (data not retained for training)
  • Vercel: Website hosting and analytics
  • Sentry: Error tracking and monitoring

5. Data Retention

  • Account Data: Retained until you delete your account
  • AI Explanations: Cached for 30 days to improve performance
  • Usage Logs: Retained for 90 days, then anonymized
  • Guest Data: IP hashes retained for 24 hours only

6. Your Rights Under NDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Data Portability: Export your data in a standard format
  • Right to Object: Object to certain data processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, go to Account Settings or email us at privacy@lawmadesimple.ng.

7. Data Security

We implement appropriate security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Regular security audits and updates
  • Access controls and authentication
  • Secure session management

8. Cookies

We use essential cookies for:

  • Authentication and session management
  • Security (CSRF protection)
  • Remembering your preferences

We do not use tracking cookies or sell your data to advertisers. See our Terms of Service for more details.

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us immediately.

10. International Data Transfers

Your data may be processed in countries outside Nigeria. When transferring data internationally, we ensure appropriate safeguards are in place to protect your data in accordance with NDPR requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related inquiries or to exercise your rights:

13. Supervisory Authority

If you are not satisfied with our response, you have the right to lodge a complaint with the National Information Technology Development Agency (NITDA), the supervisory authority for data protection in Nigeria.