Legal and policy centre
Clear rules for a limited, synthetic demonstration.
These notices describe the public demonstration as it exists today. They do not claim court approval, legal compliance certification, a production service, or authority to process real court data.
Version 0.4.38-dev · Reviewed 16 July 2026 · Applies to justicetech.askqa.app
01
Service identity and status
Justice Operations is the working description of an engineering demonstrator. It is not a court, tribunal, law firm, government service or emergency channel. It is not affiliated with or approved by any court or government. “LexMotion” and “NyayaGati” remain working project names, not a representation of registration or ownership.
Operator details pending: legal name, legal form, registered or postal address, accountable privacy contact, telephone and service email. These details must be inserted and independently checked before controlled outreach is authorised.
02
Terms of demonstration use
You may view the public pages and try only the published invented case references for evaluation, research and accessibility testing. The information is provided as a non-authoritative demonstration and may change or be withdrawn. It is not legal advice, a court record, a filing channel, service of process, deadline notice or evidence of a legal right.
Do not rely on the demonstration for a case, deadline, hearing, payment or legal decision. Verify all legal information with the competent court or a qualified professional. No warranty, service level, procurement commitment or continuing availability is offered at this stage. Nothing here excludes liability that applicable law does not permit to be excluded.
03
Privacy notice
The application contains 15 invented cases and does not require names, accounts, filings or real case data. A lookup sends the entered reference, network address and ordinary request metadata to the hosting path so the request can be delivered, secured and rate-limited. The application itself holds a network-address rate-limit key in memory for up to 60 seconds. It has no advertising, behavioural analytics or general-AI training purpose.
Cloudflare and Railway carry the public traffic and may process connection, security and operational logs under their configured services. Their exact log settings, processing locations, subprocessors, transfer safeguards and deletion schedules are external configuration evidence that has not yet been verified for this project. Do not submit personal data, real case references, allegations, documents or confidential information.
No lawful basis for real court or personal-data processing has been approved. Before any real-data pilot, the competent institution must identify the controller and processors, purposes and legal bases, recipients, locations, transfers, retention schedule, individual rights, complaint route and required impact assessments. India’s Digital Personal Data Protection Act, 2023 and Rules, 2025 have phased commencement; this demonstrator does not claim certified compliance with them or any other national regime.
04
Data retention, deletion and legal hold
The invented case fixtures remain part of the demonstration until replaced. The in-memory rate-limit key expires within approximately 60 seconds. Hosting and security logs are not assigned a verified project retention period yet; that is an open control and must be resolved before outreach or personal-data collection.
A future court deployment must use an institution-approved records schedule. Expiry makes a record eligible for authorised disposition review; the engine never silently deletes a court record. Legal hold, appeal, investigation, preservation and archival duties override routine deletion. A verified human records authority must approve deletion or transfer and the action must be auditable.
A request to access, correct or erase personal information cannot be processed through this public demo because no verified privacy contact exists and the demo is not intended to collect such information. Once an accountable operator is published, requests must be identity-checked and handled under the applicable law; erasure is not absolute where law, court records, public interest or legal claims require retention.
05
Cookies and local storage
The current public pages do not set application cookies, use browser local storage, embed advertising or load third-party analytics. No cookie banner is shown because the application does not presently request consent for non-essential storage. Infrastructure providers may use strictly necessary security or routing technology outside the application code. This notice and any consent control must be updated before adding analytics, personalisation, marketing pixels or other non-essential storage.
06
Acceptable use
Do not submit real or confidential information; impersonate a court or official; probe for private records; automate bulk requests; bypass rate limits or access controls; introduce malware; disrupt availability; misrepresent a demo result as an official record; or use the service to harass, discriminate, deceive or violate law. Security research is permitted only with prior written scope from the accountable operator once that channel exists.
07
Security and responsible disclosure
The public mode is isolated, read-only, rate-limited and limited to allowlisted invented records. It uses restrictive browser headers and exposes no staff session or mutation API. These are engineering controls, not an independent security certification. Government identity, institution-controlled keys, trusted time, production monitoring, penetration testing and formal incident response remain unconnected or externally unverified.
Do not publish exploitable details or access data that is not yours. A dedicated security reporting address, acknowledgement target and safe-harbour terms remain pending the verified operator identity. If there is an immediate risk to a real person or court, contact the relevant authority—not this demonstration.
08
Accessibility statement
The public interface is designed for keyboard operation, semantic landmarks, visible focus, responsive layouts and screen-reader announcements. The engineering target is WCAG 2.2 Level AA, but no full conformance claim or independent disabled-user audit has been completed. GIGW or jurisdiction-specific certification has not been obtained.
An accessible feedback channel and response time cannot be offered until the operator contact is published. Known or reported barriers must be recorded, prioritised by user impact and retested; no person should be forced to use an inaccessible digital-only path for a legal service.
09
AI and human judicial authority
The system may automate administrative workflow, validation, reminders and operational recovery. It must never issue or recommend judgment, choose justice, appoint a judge, determine credibility, recommend bail or sentence, or silently alter law, evidence or a legal deadline. Every legally effective decision remains with a person authorised by law.
Case content, identity data, documents, event notes and notification records are not approved as model-training data. Any future AI use requires a separately approved purpose, data path, risk classification, human-control design, evaluation, monitoring, contestability and shutdown control. Uses affecting administration of justice may attract heightened or high-risk duties in some jurisdictions.
10
Copyright, licences and marks
Project code, text, graphics and names remain subject to their applicable ownership and licence records. Publication of the demo does not grant permission to present it as an official service, remove notices, use a court emblem, imply endorsement or reuse third-party material beyond its licence. A final copyright owner, software licence, trademark position and government-procurement IP schedule remain to be approved.
11
Third-party services and links
Public delivery currently depends on Cloudflare and Railway. References to laws, standards or external sites are provided for transparency and do not mean those organisations endorse this project. External services control their own content and policies. A production buyer must approve every provider, subprocessor, hosting region, data flow, transfer mechanism, continuity arrangement and exit plan.
12
Complaints, contact, governing terms and changes
Contact pending: no verified legal, privacy, accessibility or security contact is currently published. The project must not invite rights requests or complaints until a monitored channel and accountable recipient exist. A court-related complaint must go to the competent court or statutory authority, not this demonstration.
No governing law, forum or dispute procedure is selected because the legal operator and contracting jurisdiction are unsettled. A future deployment must publish the applicable operator, jurisdiction, complaint and regulator routes without restricting rights granted by mandatory law.
Material changes will receive a new version and review date. A future operator must notify affected users before starting a new personal-data purpose. Archived versions and approval records should be retained in the project’s controlled evidence register.
Responsibility map
Who is responsible for what?
| Area | Project responsibility now | Not accepted or not yet controlled |
|---|---|---|
| Public content | Accurate synthetic labels, limited lookup and correction of project errors. | No official case status, legal advice or court communication. |
| Data | Do not request real data; minimise the invented response; short in-memory rate limit. | Provider log schedules, real-data lawful basis and rights handling remain unapproved. |
| Security | Fail-closed public routes, rate limiting and security headers. | No certification, institutional KMS/HSM, SSO, penetration report or government operations. |
| Accessibility | Build and test an accessible baseline and document known limits. | No independent WCAG/GIGW certification or staffed feedback service. |
| Judicial authority | Preserve human gates and prohibit outcome automation. | No judgment, judge appointment, bail, sentence, credibility or legal-outcome decision. |
| Future court deployment | Provide configurable technology and evidence for evaluation. | The competent institution owns legal authority, official workflow, records rules, approvals and go-live. |
Authoritative references
Research basis
- India Digital Personal Data Protection Act, 2023
- India Digital Personal Data Protection Rules, 2025 and commencement materials
- Guidelines for Indian Government Websites and Apps (GIGW 3.0)
- EU General Data Protection Regulation
- EU Artificial Intelligence Act
- Web Content Accessibility Guidelines 2.2
This research baseline is not legal advice. Local counsel and the competent institution must adapt and approve the final instruments for each jurisdiction and deployment.