← AVID Esq Group Dashboard

Privacy Policy

Last updated: April 26, 2026

1. Overview

This privacy policy describes how the AVID Esq Group Dashboard (the "Dashboard") collects, uses, and protects information. The Dashboard is operated by AVID Esq Group LLC for internal business operations. It is not a consumer-facing service and is not available to the general public.

2. Who can access the Dashboard

Access is restricted to authorized personnel of AVID Esq Group LLC and Fransua Law LLC. Each user has an individual account provisioned by an administrator. The Dashboard is not open to client self-service or public registration.

3. What data the Dashboard processes

The Dashboard reads and displays data from the following sources:

  • Lawmatics CRM — matter, lead, consultation, and event data via the Lawmatics API, used for operational reporting (intake pipeline, attorney performance, marketing source attribution).
  • QuickBooks Online— financial reports (Profit & Loss, Balance Sheet, Cash Flow) for the connected company entities, used for management reporting and consolidated financial views.
  • Manually uploaded CSV files — invoice and time-entry exports uploaded by administrators, used as a redundant source for revenue and time-tracking metrics.
  • User account information — email, full name, role assignments, and salted password hashes. We never store passwords in plaintext.

4. How data is protected

  • OAuth access and refresh tokens for QuickBooks Online are encrypted at rest using AES-256-GCM.
  • User passwords are hashed using bcrypt with a per-account salt.
  • Sessions are managed via signed, encrypted cookies (iron-session) with HTTP-only and Secure flags.
  • All traffic to the Dashboard is served over HTTPS with certificates managed by the hosting provider.
  • Administrative actions (user management, integration connections) require explicit admin role membership.

5. Third-party data sharing

The Dashboard does not sell, rent, or share data with third parties for advertising, marketing, or analytics purposes. The Dashboard contains no advertising trackers and no third-party analytics SDKs. Data is transmitted only to the integration partners listed in Section 3 (Lawmatics, QuickBooks Online) and to the hosting infrastructure required to operate the application (Vercel, Vercel Blob storage).

6. AI-assisted analysis

Optional features in the Dashboard send aggregated, non-identifying summary metrics to Anthropic's Claude API to generate written analysis. No personally identifying client information is transmitted in these requests. Anthropic's privacy obligations are governed by Anthropic's usage policies. AI features can be disabled by removing the configured API key.

7. Data retention

The Dashboard caches QuickBooks reports for up to one hour to reduce API load and stores user accounts for the duration of employment. CSV uploads are retained until manually deleted by an administrator. OAuth tokens persist for the lifetime of the integration connection and are deleted when an administrator disconnects the company via the Dashboard's connection management UI.

8. Your rights

Authorized users may request access to, correction of, or deletion of their account information by contacting an administrator. Because the Dashboard is internal-only and does not serve external clients directly, requests under consumer privacy frameworks (CCPA, GDPR data-subject rights) related to firm clients are addressed through AVID Esq Group LLC's general client privacy practices, not through this application.

9. Changes to this policy

We may update this policy as the Dashboard's integrations or features change. Material changes will be communicated to authorized users.

10. Contact

Questions about this policy or the Dashboard's data handling can be sent to support@avidesq.com.