Privacy Policy

1. Who we are

ClaimOn (claimon.ai) is a web-based tool that guides individuals through the UK small claims court process. ClaimOn is operated by Chris Andrews. For the purposes of UK data protection law, Chris Andrews is the data controller.

If you have any questions about how your data is handled, contact us through our website.

2. What data we process and where it is stored

Data stored on your device only

The core of ClaimOn runs entirely in your web browser. All claim data you enter — including your name, address, defendant details, claim description, evidence notes, and progress through the stages — is saved to your browser's local storage on your own device. We do not have access to this data, cannot see it, and do not store it on any server.

If you clear your browser data or switch devices, this information is lost. We have no way to recover it for you.

Data shared with third parties when you take specific actions

In two situations, data leaves your device and is processed by third-party services on our behalf:

Payment processing (Stripe): When you choose to pay for the full claim support toolkit (£29.99), your payment is handled by Stripe. Stripe collects your card details, name, and email address directly. ClaimOn does not see or store your card details. We send Stripe a claim reference identifier so we can confirm which claim the payment relates to. Stripe processes this data as an independent data controller under their own privacy policy.

AI-powered timeline extraction (Anthropic): If you use the smart timeline feature (available after payment), your claim description, evidence notes, and any text extracted from uploaded PDFs are sent to Anthropic's Claude API to generate a structured timeline. This data is transmitted securely, processed, and returned. Anthropic does not use data sent via their API to train their models. We do not store this data on any server — it passes through our serverless function and is not retained. See Anthropic's privacy policy for details.

Web hosting data

Our website is hosted by Netlify. Like all web hosts, Netlify automatically collects basic technical data such as your IP address, browser type, and pages visited. This data is used for security and performance purposes and is governed by Netlify's privacy policy. We do not use this data to identify individual users.

Analytics

We may use privacy-focused analytics to understand how the site is used (e.g. which pages are visited most). If analytics are active, they will not use cookies, will not track you across websites, and will not collect any personal information. We will update this section if and when analytics are added.

3. Legal basis for processing

Under UK GDPR, we process personal data on the following bases:

Contract: When you pay for the claim support toolkit, we process payment data to fulfil the service you have purchased (Article 6(1)(b)).

Legitimate interest: We process basic hosting data (server logs) to maintain security and performance of the website (Article 6(1)(f)).

Consent: Use of the AI timeline feature is optional. By choosing to use it, you consent to your claim text being sent to Anthropic for analysis (Article 6(1)(a)). You can use ClaimOn's manual timeline builder instead if you prefer not to share this data.

4. Who we share data with

We share data only with the third parties described above, and only for the specific purposes stated:

• Stripe — payment processing
• Anthropic — AI-powered timeline extraction (only when you use this feature)
• Netlify — website hosting

We do not sell, rent, or share your data with anyone else. We do not use your data for marketing or advertising.

5. International data transfers

Stripe, Anthropic, and Netlify are US-based companies. When data is processed by these services, it may be transferred to and processed in the United States. Each of these companies maintains appropriate safeguards for international data transfers, including Standard Contractual Clauses and the EU-US Data Privacy Framework where applicable.

6. How long data is kept

Claim data on your device: Kept until you delete it (by clearing browser data, deleting a claim in the app, or clicking "Start new claim"). We have no control over this.

Stripe payment records: Stripe retains transaction records in accordance with financial regulations and their own retention policy. We can see basic transaction details (amount, date, claim reference) in our Stripe dashboard.

AI processing: Data sent to Anthropic's API is not stored after the response is returned. We do not retain copies.

Server logs: Netlify retains server logs for up to 30 days.

7. Your rights

Under UK GDPR, you have the right to:

• Access — request a copy of any personal data we hold about you
• Rectification — ask us to correct inaccurate data
• Erasure — ask us to delete your data
• Restrict processing — ask us to limit how we use your data
• Data portability — receive your data in a portable format
• Object — object to processing based on legitimate interest
• Withdraw consent — withdraw consent for AI processing at any time

In practice, because almost all data stays on your device, most of these rights are already within your control. You can delete your claim data at any time from the app, and you can choose not to use the AI features.

For any requests relating to payment data held by Stripe, or to exercise any of the rights above, contact us through our website.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data rights have been breached.

8. Cookies

ClaimOn does not set any cookies. The app uses your browser's local storage to save your claim progress, but local storage is not the same as cookies — it is not sent to any server with your requests and is accessible only by the ClaimOn app running on your device.

If we add analytics in the future, we will choose a cookie-free solution and update this section accordingly.

9. Children

ClaimOn is designed for adults (18+). The small claims court process requires claimants to be at least 18 years old, and this is checked during the eligibility stage. We do not knowingly collect data from anyone under 18.

10. Security

All data transmitted between your browser and our services (Netlify, Stripe, Anthropic) is encrypted using HTTPS/TLS. Payment data is handled entirely by Stripe, which is PCI DSS Level 1 certified — the highest level of payment security certification.

Because claim data is stored on your own device, its security depends on your device and browser settings. We recommend keeping your browser up to date and not sharing your device with anyone who should not have access to your claim information.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top of this page will always reflect the most recent version. If we make significant changes to how we handle your data, we will make this clear on our website.

12. Contact

If you have any questions about this privacy policy or how your data is handled, please contact us through our website.