Adjustment Status Navigator is not a law firm. The information here is not legal advice. We are not affiliated with USCIS, DHS, or the Department of Justice. We are not a notario, notario público, or immigration consultant. The information here is general educational content only. For advice about your specific situation, consult a licensed immigration attorney or a DOJ EOIR-recognized representative.

Privacy Policy

Effective date: Draft — pending attorney review. Last updated: 2026-05-23.

Adjustment Status Navigator takes your privacy seriously. Immigration data is sensitive, and we treat it that way by design.

Adjustment Status Navigator is not a law firm. Content on this site is not legal advice. We are not affiliated with USCIS, DHS, or the Department of Justice EOIR. We are not a notario, notario público, asesor legal, consultor de inmigración, or immigration consultant. Information on this site is general educational content. It is not, and cannot be, advice about your specific case. For advice, consult a licensed immigration attorney or a DOJ EOIR-recognized representative. Read our full Terms, Privacy Policy, and Disclaimer.

1. What we collect

When you use the Service we may collect:

Account information. Email address, hashed password (via our authentication provider, Clerk), display name, preferred language.
Intake responses. Your answers to the guided self-assessment intake. We use these to generate your free Topic List and, if you purchase one, your Attorney Prep Packet.
Documents you upload. PDFs, images, and other files you choose to attach to your case workspace.
Usage data. Pages visited, features used, anonymous error reports, and aggregated analytics. Where possible, this is collected without linking to your identity.
Payment information. If you purchase a paid product, our payment processor (Stripe) handles your card details. We never see or store full card numbers.

2. How we use your information

We use the information we collect to:

Operate the Service — for example, generate your Topic List, render your document checklist, and surface relevant educational content.
Generate the Attorney Prep Packet you have purchased and deliver it to you.
Send transactional and reminder emails you have opted in to.
Diagnose and fix bugs, prevent abuse, and monitor the security of the Service.
Comply with our obligations under applicable law.

We do not use your data to train any artificial-intelligence model. Inputs to our AI features are sent only to our model provider (Anthropic) for the purpose of generating your response, are not used to train any model, and are not retained by the provider beyond their standard zero-data-retention configuration.

3. How long we keep your information

| Data type | Retention | |---|---| | Account record | While your account is active, plus 90 days after a deletion request. | | Intake responses, documents, generated outputs | Same as account, unless you delete them sooner. | | AI audit log | Seven (7) years, stored separately from your user record with hashed user identifiers. See the AI audit log section below for why. | | Anonymous usage and error data | Up to 24 months. | | Payment records | As required by applicable tax and financial-services law (typically seven years). |

4. How we secure your information

All data in transit is encrypted with TLS 1.3.
All data at rest is encrypted (AES-256) in our database and object storage.
Documents you upload are stored with per-user prefixes and signed URLs; cross-user access is blocked by row-level security at the database layer.
Production access is restricted to a small number of named operators with strong authentication.
We do not export your raw data to third parties except as described in Section 6 ("Who we share with").

5. Your rights

You may, at any time:

Access the information we hold about you. Use the in-app data export, or email us.
Correct inaccurate information by editing your profile or contacting us.
Delete your account and your data. After a 90-day grace period during which we keep a recoverable copy in case you change your mind, your account data is permanently removed from active systems. (The AI audit log retains hashed identifiers only, with no link to your name or contact information, for the legal-defensibility reasons described in Section 7.)
Opt out of marketing or reminder emails at any time using the unsubscribe link in any such email.
Request a copy of our data-processing record. Email us.

California residents: under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have specific rights including the right to know, the right to delete, the right to correct, the right to opt out of "sale" or "sharing" (we do not sell or share personal information as defined by CCPA/CPRA), and the right to non-discrimination for exercising these rights.

6. Who we share with

We share information only with:

Service providers that operate parts of the Service on our behalf — for example, our hosting provider (Vercel), database and storage provider (Supabase), authentication provider (Clerk), payment processor (Stripe), email provider (Resend), and model provider (Anthropic). These providers are bound by contract to use your data only to provide their service to us.
Government or law-enforcement when required by a valid subpoena, warrant, court order, or other legal process. If we receive a request that we believe is overbroad or improper, we will challenge it where consistent with applicable law and ethics.
Acquirers in the event of a merger, acquisition, or sale of all or substantially all of our assets. We will provide notice before personal information becomes subject to a different privacy policy.

7. AI audit log

We maintain a separate, tamper-evident audit log of every AI-generated output we produce for you. Each log entry contains a hashed user identifier (not your name or email), the timestamp, the prompt category, the model version, the corpus version retrieved from, and the classifier label assigned to the response (e.g., REFUSE, ALLOW). The audit log is retained for seven years.

We keep this log because immigration matters can take years to resolve and because we may need to demonstrate, in response to a regulator inquiry or subpoena, that our refusal classifier and content guardrails operated correctly at any given point in time. The audit log does not include the free-text content of your messages or your generated outputs; only metadata about them.

8. Children

The Service is not directed to children under 13, and we do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, please contact us and we will delete it.

9. International users

The Service is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S. By using the Service, you consent to this transfer.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the date of the most recent change. Material changes will be communicated to registered users by email when reasonably possible.

11. Contact and deletion requests

To exercise any of the rights described in Section 5, or to ask a question about this Privacy Policy, contact us at the address listed in the Service footer. We will acknowledge deletion requests within seven days and complete them within thirty days unless an exception under applicable law applies.