Skip to main content

Privacy Policy

Last updated: March 14, 2026

1. General

This Privacy Policy (the "Policy") describes how Divorcify (the "Company", "we") collects, uses, and protects personal information of users of the website divorcify.co.il (the "Website").

1.1 The Company operates in accordance with the Israeli Protection of Privacy Law, 5741-1981, Amendment 13 to the Protection of Privacy Law (2025), the Privacy Protection Regulations (Data Security), 5777-2017, the Privacy Protection Authority (PPA) Guidelines on Artificial Intelligence Systems (2025), and GDPR requirements applicable to processing personal data.

1.2 We process personal data based on explicit consent, contractual necessity, legitimate interest, or legal obligation, as detailed in Section 3. You may withdraw your consent at any time as described in Section 8.8, without affecting the lawfulness of processing carried out prior to withdrawal.

1.3 The Website serves as a legal services marketplace connecting individuals going through divorce or separation with qualified lawyers and mediators.

2. Information We Collect

2.1 Legal Professional Information

When applying to join as a lawyer or mediator, the following information is collected:

  • Full name (required)
  • Israeli Bar Association number or mediator license (required)
  • Phone number (required)
  • Email address (required)
  • Profile photo (optional)
  • Service areas and specializations (required)
  • Professional credentials and certifications
  • Years of experience and case types handled

2.2 Client Information

When using our platform or contacting professionals, the following information is collected:

  • Name (required for inquiries and reviews)
  • Phone number (for professional contact)
  • Email address (for platform communications)
  • Case inquiry details (optional)
  • Review content and rating
  • Preferred contact method and location
  • Details shared during AI-assisted intake conversations (divorce situation, children, property, financial information)
  • Crisis-related information if voluntarily disclosed

2.3 Automatically Collected Information

Technical information collected during website use includes:

  • Hashed IP address (SHA-256 with daily-rotating salt; raw IPs are not stored)
  • Browser type and operating system
  • Pages viewed and actions on the site
  • Device type (mobile/computer)
  • Session identifiers and first visit timestamp
  • Scroll depth and page interactions
  • Session duration and exit page (via sendBeacon)
  • UTM parameters and referrer information

2.4 Sensitive Information

The AI intake assistant may collect information that is considered especially sensitive under Section 7 of the Protection of Privacy Law, 5741-1981, including details about family matters, domestic violence, child welfare, and financial circumstances. This information is collected only with your explicit consent (see Section 5.1) and is subject to heightened protection measures.

3. Purpose of Information Use

The collected information is used for the following purposes only:

  • 3.1 Connecting individuals with qualified lawyers and mediators. (Legal basis: contractual necessity)
  • 3.2 Verifying professional credentials (Bar Association numbers, mediator licenses). (Legal basis: contractual necessity and legal obligation)
  • 3.3 Processing professional registration and profile creation. (Legal basis: contractual necessity)
  • 3.4 Publishing verified reviews and ratings on the platform. (Legal basis: user consent)
  • 3.5 Facilitating case inquiries and initial consultations. (Legal basis: contractual necessity)
  • 3.6 Responding to inquiries and providing customer support. (Legal basis: legitimate interest)
  • 3.7 Improving platform functionality and user experience. (Legal basis: legitimate interest)
  • 3.8 Compliance with legal, regulatory, and professional standards. (Legal basis: legal obligation)
  • 3.9 AI-assisted intake analysis to understand your needs and match you with suitable professionals. (Legal basis: explicit consent)
  • 3.10 Automated matching based on intake data analysis. You have the right to request human review of any automated matching decision (see Section 5.3). (Legal basis: explicit consent)

If you choose not to provide information marked as "required", we may not be able to provide the requested service or verify professional credentials.

4. Sharing Information with Third Parties

We share information only as required for platform operation and in compliance with legal obligations:

4.1 Public Display - Professional information (name, credentials, phone, service areas, specializations, reviews) is displayed publicly on the website. Client case inquiries are never publicly visible.

4.2 Service Providers

We use external service providers:

  • Vercel - Website hosting (European Union region)
  • Neon - PostgreSQL database hosting (European Union region)
  • Resend - Email notifications (United States)
  • OpenAI (GPT-4o-mini) - AI processing of intake conversations (United States)

4.3 Legal requirements - We may disclose information in response to court orders, legal demands, or as required by law.

4.4 International transfer - Information is primarily stored on servers in the European Union (EU). AI intake conversation data is processed in the United States via OpenAI, and transactional emails are sent via Resend (United States). These transfers are conducted in compliance with Section 36B of Amendment 13, with the following safeguards: contractual data processing obligations, data minimization (only conversation messages are sent to OpenAI, without identifying details), and no permanent retention of data by the AI provider. All other data is stored and processed in the EU in accordance with European and Israeli data protection regulations.

5. AI Processing and Automated Decision-Making

5.1 AI Intake Assistant

The Website offers an optional AI-powered intake assistant that helps understand your legal situation and match you with a suitable professional. Use of the AI assistant is entirely voluntary and requires your explicit consent before starting. You may decline to use the AI assistant and instead contact professionals directly through the Website.

5.2 How AI Processes Your Data

When you use the AI intake assistant, your conversation is processed in the following ways:

  • Analysis of your situation to identify relevant legal needs
  • Extraction of key details (such as case type, location, and preferences) for professional matching
  • Detection of crisis situations (domestic violence, self-harm, child safety) to provide immediate emergency resources
  • Generation of a case summary that is shared with the matched professional

5.3 Automated Decision-Making

In accordance with Section 17F of Amendment 13 to the Protection of Privacy Law, you have the following rights regarding automated processing:

  • The right to know that a decision affecting you was made using automated processing
  • The right to understand the general logic behind automated decisions
  • The right to request human review of any automated decision
  • The right to object to automated decision-making

5.4 Data Sent to AI Providers

Only conversation messages are sent to the AI provider (OpenAI). No personally identifiable information (name, phone, email) is sent to the AI provider as part of the processing. The AI provider does not retain conversation data after processing, in accordance with our data processing agreement.

5.5 Crisis Detection

The AI assistant includes automatic detection of crisis situations including domestic violence, self-harm, and child safety concerns. When a crisis is detected, the system immediately displays relevant emergency hotline numbers and resources. Crisis notifications are sent to the platform for follow-up. Crisis-related data receives heightened protection and is retained for 5 years in compliance with legal obligations.

6. Information Security

We implement advanced security measures:

  • 6.1 Encryption of data in transit and at rest.
  • 6.2 Restricted access to information for authorized personnel only.
  • 6.3 Monitoring and control of system access.
  • 6.4 Regular security updates.
  • 6.5 IP address hashing with daily-rotating salt (raw IPs are never stored).

We operate in accordance with the Privacy Protection Regulations (Data Security), 5777-2017.

In the event of a security breach that may harm your privacy, we will notify the Privacy Protection Authority within 72 hours of becoming aware of the breach, and notify affected individuals without undue delay, in accordance with Amendment 13.

7. Data Retention

We retain information as long as required for platform operation and legal compliance:

  • 7.1 Active professional profiles and credentials — retained while accounts are active.
  • 7.2 Inactive professional accounts — 3 years (for review history and verification).
  • 7.3 Client inquiry data — 2 years.
  • 7.4 AI intake conversation data — 2 years after session completion.
  • 7.5 Crisis-related records — 5 years (legal obligation).
  • 7.6 Hashed IP addresses and session metrics — 12 months.
  • 7.7 Cookie consent preferences — 1 year.

All retention periods comply with Israeli Bar Association regulations and legal requirements for maintaining professional records.

8. User Rights

Under the Israeli Protection of Privacy Law, as amended by Amendment 13, you have the following rights:

  • 8.1 Right of Access - The right to know what personal information is held about you in our databases.
  • 8.2 Right of Correction - The right to request correction of inaccurate or outdated information.
  • 8.3 Right of Deletion - The right to request deletion of your information, subject to legal restrictions.
  • 8.4 Right to Object - The right to object to certain processing of information.
  • 8.5 Right to Data Portability - The right to receive your personal data in a structured, commonly used, machine-readable format (JSON or CSV).
  • 8.6 Right to Restrict Processing - The right to request restriction of processing while a dispute regarding your data is pending.
  • 8.7 Right to Human Review - The right to request human review of any decision made solely by automated processing, including AI-based matching (see Section 5.3).
  • 8.8 Right to Withdraw Consent - The right to withdraw your consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal. To withdraw consent, contact us at the email address in Section 11 or use the cookie consent banner to revoke analytics consent.

To exercise your rights, you may contact us at the email address listed in Section 11. We will respond within 30 days. For data portability requests, we will respond within 15 days in accordance with Amendment 13.

You may file a complaint with the Privacy Protection Authority at the Ministry of Justice: https://www.gov.il/en/departments/privacy_protection_authority

9. Cookies and Tracking Technologies

9.1 Cookie Consent

We use a cookie consent banner that allows you to accept or decline non-essential cookies before they are placed. Essential cookies are always active as they are necessary for basic website functionality.

9.2 Essential Cookies

The following cookies are necessary for the website to function and cannot be disabled:

  • dvfy_cookie_consent - Stores your cookie preferences (1 year expiry)
  • Authentication cookies - Required for admin login sessions
  • Language preference - Remembers your selected language (Hebrew/English)

9.3 Analytics Cookies (Require Consent)

The following cookies and tracking technologies are activated only after you provide consent:

  • metrics_session - Session identifier for analytics (30-minute expiry)
  • dvfy_first_visit - Records first visit timestamp for returning visitor analysis (1 year expiry)
  • Internal metrics system - Tracks page views, scroll depth, clicks, search queries, filter usage, session duration, and exit page. All data is stored in our own database (not sent to third-party analytics services). IP addresses are hashed with SHA-256 and a daily-rotating salt; raw IPs are never stored.

9.4 Managing Cookies

You can manage your cookie preferences at any time through the cookie consent banner, which reappears if you clear your cookies. You can also block or delete cookies through your browser settings. Clearing the dvfy_cookie_consent cookie will re-trigger the consent banner on your next visit.

10. Policy Updates

We may update this Policy from time to time. Material changes will be published on the website and will take effect 30 days after publication.

11. Contact & Privacy Officer

For privacy-related questions, data requests, or concerns about sensitive divorce case information:

Privacy Officer — Divorcify Privacy Team

Email: privacy@divorcify.co.il

We will respond within 30 days (15 days for data portability requests). For urgent matters involving sensitive legal information, please mark your inquiry as 'URGENT - PRIVACY'.

You may file a complaint with the Privacy Protection Authority at the Ministry of Justice: https://www.gov.il/en/departments/privacy_protection_authority