Skip to content

Privacy Policy

Last updated: July 7, 2026

1. Overview

This Privacy Policy explains how CustodyTrack ("CustodyTrack," "we," "us"), a service owned and operated by Lexeprint Inc., collects, uses, and safeguards information when you use our website and application (the "Service").

CustodyTrack is designed to minimize the sensitive data we hold. For chain of custody records, we store cryptographic hash values and limited metadata needed to authenticate and verify records — not the full contents of your forms where avoidable.

2. Information we collect

Account information: your name, email address, organization, and authentication details managed by our identity provider.

Form and custody data: the chain of custody information you enter, the custody events you generate, and the hash values computed from them.

Transfer information: the names, email addresses, organizations, and signatures of parties involved in a custody transfer.

Payment information: processed by our payment processor, Stripe. We do not store full card numbers.

Usage and device data: standard log information such as IP address, browser type, and pages accessed, used to operate and secure the Service.

3. How we use information

To provide the Service, including creating, transferring, and verifying records; to process payments; to send transactional email (such as transfer links and receipts); to secure and monitor the Service; to provide support; and to comply with legal obligations.

Public verification and audit responses are intentionally limited to integrity metadata (whether a record exists, when it was created, how many custody events it has, and whether its seal is intact). They do not expose your evidence contents or party details.

4. Service providers

We use trusted third parties to operate the Service, including Supabase (database and authentication), Vercel (hosting), Stripe (payments), and Resend (email delivery). These providers process data on our behalf under their respective terms.

5. Data retention

Custody records and their event history are retained to preserve evidentiary integrity, even after an account is closed. Because these records are append-only by design, they cannot be altered or selectively deleted without breaking verification. Account and billing records are retained as required for legal and accounting purposes.

6. Security

We use industry-standard measures including encryption in transit, row-level access controls, hashed transfer tokens, and append-only records enforced at the database level. No system is perfectly secure, but our architecture is designed so that tampering is detectable.

7. Your choices

You may access and update your account information in Settings, and you may request deletion of your account. Note that append-only custody records are retained for integrity as described above. Depending on your jurisdiction, you may have additional rights; contact us to exercise them.

8. Contact

Questions about this policy can be directed to info@lawandforensics.com.