Confidentiality & Data Handling

How Starry treats your facts, your documents, and your work product. Last updated June 2026.

Your facts stay yours

Fact patterns, uploaded documents, notes, and every piece of work product Starry generates for you are visible only to your account. Access is invitation-only; there is no public registration. We do not sell or share your data, and the application runs no advertising or analytics trackers.

Where your data lives

Matters, searches, and analysis are stored in Starry's own database. Uploaded documents are stored in private cloud storage and are never publicly addressable. Deleting a matter permanently deletes its searches, analysis, and documents.

Case-law research never transmits your facts to a search service

Starry searches a complete local copy of the public case-law corpus. Your fact pattern is not sent to a third-party legal search API — retrieval happens on our own infrastructure against public court opinions.

What is sent to AI models

Analysis — issue spotting, case relevance, rule synthesis, drafting — is performed by large language models (Google, OpenAI, or xAI, depending on configuration). Your fact pattern, relevant passages from public court opinions, and text extracted from documents you upload are sent to these providers over encrypted API connections and are handled under each provider's API terms. Depending on the provider and service tier in use, those terms may permit the provider to retain inputs or use them to improve their services. Treat anything you enter as shared with the model provider — if a matter is too sensitive for that, do not enter it.

Citations you can verify

Every case citation in Starry's output is resolved against the actual case-law corpus before it reaches you — a case name that does not exist in the corpus cannot appear in your work product. Characterizations of cases are checked against the opinion text in a separate verification pass, and each citation links to the underlying passage so you can confirm it yourself. Treatment checks flag cases that later opinions have overruled, reversed, or questioned.

Access & security

Accounts use passkeys or passwords stored as bcrypt hashes. Session tokens are stored only as digests and rotate on every sign-in; repeated failed logins lock the account. Connections are encrypted in transit.

Professional responsibility

Starry is a research and drafting aid, not a lawyer. It does not provide legal advice, and no attorney-client relationship is created by its use. You remain responsible for verifying every authority before filing — the verification affordances throughout the product exist to make that diligence fast, not optional.

Questions or deletion requests

For data questions, export requests, or account deletion, contact the person who invited you or reply to your invitation email.