Privacy Policy
Last updated: May 4, 2026
DVHelp.ai is built for people in crisis. We treat your data the same way we'd want our own treated: collected only when needed, kept only as long as needed, and deletable at any time. This page explains exactly what we collect, who else sees it, and what your rights are under California and federal law.
What we collect
When you use DVHelp.ai, we collect three categories of information:
- Account information. Your email address, used only to send the one-time login code.
- Form data and chat history. The information you provide while filling out your DV-100 — names, addresses, dates, abuse narratives, requested orders. This is stored on Firebase Firestore (a Google service) under your user account.
- Technical telemetry. If you visit the public pages, our analytics provider records anonymous, aggregated visit data (page views, country, device type). If something breaks, our error monitor captures the crash with your IP redacted.
We do not collect: your phone number, your physical location beyond what you type into the form, your government IDs, your payment information (the service is free), or any data from third-party sources.
Who else sees your data
DVHelp.ai is built on third-party services. Each one sees only the slice of data it needs:
Cookies and similar technologies
We use a small number of cookies and local-storage values:
- Authentication cookie (
dvhelp_session) — keeps you signed in. HTTP-only, so it can't be read by scripts. Cleared when you sign out. - Consent preference (local storage) — remembers whether you accepted or declined non-essential tracking, so we don't ask twice.
You can decline non-essential tracking from the cookie banner shown on your first visit. You can revoke that decision at any time by clearing your browser's storage for this site.
De-identified data and research
We may use your form data after permanently removing every piece of information that identifies you — names, addresses, phone numbers, email, dates, the names of your children and the respondent, and any other detail that could be traced back to you or anyone in your case — to support academic research and publication on domestic violence, court access, and AI-assisted legal aid.
- De-identification is permanent and irreversible. The original copy of your record stays scoped to your account; the de-identified copy cannot be linked back to you.
- Research uses include aggregate statistics, model evaluation, and publication in peer-reviewed journals. We do not sell de-identified data to third parties.
- You can opt out at any time by emailing privacy@dvhelp.ai with the subject line
Research opt-out. Your account-scoped data will continue to function normally; we just won't include even the de-identified version in any research dataset going forward. - Deleting your account also removes any not-yet-aggregated record from research datasets.
How long we keep your data
- Conversations and form data: until you delete them, or until you delete your account.
- Email-OTP records: 10 minutes (the code expires).
- Server logs (Vercel): typically 30 days, then rolled.
- Error reports (Sentry): 90 days by default.
- Analytics (Plausible): aggregate counts only, retained indefinitely; no individual records.
Your rights
Under the California Consumer Privacy Act (CCPA) and similar laws, you have the right to:
- Know what personal information we hold about you.
- Delete your data — the entire account, or specific conversations.
- Correct inaccurate information.
- Opt out of any data sharing for marketing or sale (we don't sell or share your data — but you have the right anyway).
- Not be discriminated against for exercising these rights.
To delete a single conversation: hover over it in the sidebar and click the trash icon. To delete your entire account, sign out and email us at privacy@dvhelp.ai — we will wipe everything within 24 hours.
Children's privacy
DVHelp.ai is not intended for users under 18. A minor seeking a restraining order can ask a parent, guardian, or guardian ad litem to file on their behalf. Please contact the OC Self-Help Center for guidance specific to minors.
Security
All data is encrypted in transit (HTTPS) and at rest (Firebase Firestore). Sessions live in HTTP-only cookies, not in browser storage that scripts can read. Access to our backend is restricted to authorized maintainers. We will notify affected users within 72 hours of discovering any data breach involving their information.
Changes to this policy
If we change this policy in a material way, we will surface a notice on the site before the change takes effect, and update the "Last updated" date above.
Contact
Questions, requests, or concerns about your data: privacy@dvhelp.ai.
This policy is written in plain language for transparency. It is not legal advice and was not drafted by an attorney. If you have questions about your rights under California or federal privacy law, consult a privacy attorney or contact the California Attorney General's privacy office.