Litigation Hold and Document Preservation Policy

This Policy establishes the procedures Hardline Lending, Inc. follows to identify, preserve, and protect records when litigation, regulatory inquiry, governmental investigation, subpoena, or other dispute resolution is reasonably anticipated or pending. It overrides the Document Retention and Destruction Policy for records within the scope of an active hold.

Standards: common-law duty to preserve; FRCP 37(e); Zubulake v. UBS Warburg, 220 F.R.D. 212 (S.D.N.Y. 2003); Pension Committee v. Banc of America Securities, 685 F. Supp. 2d 456 (S.D.N.Y. 2010); Goodman v. Praxair Services, 632 F. Supp. 2d 494 (D. Md. 2009).

The duty attaches when Hardline knows or reasonably should know that litigation, regulatory action, or subpoena is “reasonably anticipated.” A credible threat is sufficient; certainty is not required. Hardline applies a precautionary standard: when a reasonable in-house counsel would think a dispute is more likely than fanciful, the hold attaches. Outside counsel is consulted in close cases; counsel’s opinion is documented contemporaneously.

Within 24 hours of awareness of any of the following, the Incident Commander must either implement a hold or document the reasoned decision not to:

• Inquiry letter from DFPI, FTC, CFPB, SEC, state AG, state banking department, state real-estate commission, or any other regulator.
• Civil Investigative Demand (CID) from any regulator.
• Administrative subpoena from any agency.
• Judicial subpoena, whether served on Hardline as a party, witness, or third party.
• Demand letter from counsel representing any party adverse to Hardline.
• Customer complaint indicating intent to litigate (mentions of “lawyer,” “sue,” “BBB,” “regulator,” “attorney general,” “class action,” “arbitration”).
• Journalist inquiry indicating an adverse story, particularly one that names Hardline, alleges misconduct, or seeks comment by deadline.
• Internal whistleblower complaint alleging misconduct, fraud, regulatory violation, or harassment.
• Securities-related events (investor complaint, NDA breach, alleged insider trading).
• Class-action filing notice, even if served on a different defendant in the same alleged scheme.
• Threat letter or public statement threatening litigation, including social-media posts at scale.
• P0 or P1 incident under the IRP reasonably likely to produce regulator inquiry or user litigation.
• Departing employee threatening claims, refusing to sign separation documents, or initiating a complaint to a regulator.

• Incident Commander. The CEO (or QI as standing designee). Decides whether to implement a hold, defines scope, signs custodian notices, supervises ongoing compliance.
• Records Custodian. The QI executes the hold: distributes notices, suspends auto-delete tools, coordinates with vendors, maintains the hold inventory, runs periodic reminders.
• Outside Counsel. Consulted on every hold implementation, scope definition, scope expansion, and hold release. Reviews custodian notice before distribution.
• Custodians. Each individual identified is personally responsible for preserving records in their possession, suspending personal auto-delete settings, and acknowledging the hold in writing.

The QI executes the suspensions below within 48 hours of hold implementation:

• Google Workspace / Gmail. Configure Google Vault to retain messages for affected custodians. Disable trash auto-purge. Disable rules that auto-archive or auto-delete.
• Slack. Set workspace-level retention to “keep all messages” for the hold duration (requires Pro or Business+). Apply legal-hold features in Slack Enterprise where available.
• Notion. Suspend auto-archive / auto-delete. Export workspace to JSON / Markdown snapshot at hold start; archive in cold storage.
• Google Drive / Dropbox. Disable trash auto-purge on affected accounts; restore any deleted files within trash retention window; export to cold storage if necessary.
• Supabase database. Confirm PITR enabled; extend backup retention if necessary; suspend scheduled jobs that delete or anonymize.
• Supabase logs. Export to cold storage at hold start and regular intervals.
• Vercel logs. Export to cold storage; standard retention is short.
• Sentry. Set issue retention to maximum; export relevant events.
• GitHub. Suspend repository deletion and force-push for affected repositories.
• Stripe. Export relevant transaction and webhook history.
• Mobile devices. Notify custodians to disable auto-delete on text messages, voicemails, and chat apps.

Within 48 hours of hold implementation, the QI distributes a custodian-notice email to each custodian. Counsel reviews before distribution. Each custodian acknowledges in writing within 5 business days; non-acknowledging custodians are escalated to the Commander and followed up daily.

• Do not discuss the matter except with counsel and authorized Hardline personnel.
• Do not post about the matter on social media, public forums, or non-designated internal Slack channels.
• Do not respond to journalist inquiries about the matter; route to the Commander.
• Do not respond to inquiries from opposing parties; route to counsel.
• Mark substantive emails with counsel “Attorney-Client Privileged — Attorney Work Product.”
• Do not create new informal documents about the matter except at counsel’s direction.

A hold is released only by written direction of the CEO in consultation with outside counsel. Release requires:

• Confirmation the underlying matter is resolved (settlement, dismissal with prejudice, final judgment with no further appeals, or written closure of the regulatory inquiry).
• Counsel’s written opinion that release is appropriate.
• Documented review of related or anticipated matters that might independently require preservation.
• Release notice to all custodians; resume normal retention.
• Update hold inventory.

Active holds reviewed quarterly by Commander, QI, and counsel. Each review confirms: hold remains necessary; scope remains appropriate; custodians have acknowledged and remain in their roles; auto-delete suspensions remain in effect; cold-storage exports are current; six-month reminder distributed.

If a custodian leaves Hardline during a hold, an exit-protocol step preserves the custodian’s mailbox, Slack history, device contents, and other accessible records before account deprovisioning.

Federal Rule of Civil Procedure 37(e), as amended in 2015, governs sanctions for failure to preserve ESI:

• If ESI that should have been preserved is lost because reasonable preservation steps were not taken, and the loss cannot be cured through additional discovery, the court may order measures “no greater than necessary” to cure the prejudice.
• Only on finding the party “acted with the intent to deprive another party of the information’s use” may the court impose case-dispositive sanctions: presume the lost information was unfavorable, instruct the jury accordingly, dismiss, or enter default.

Zubulake IV and Zubulake V establish that the duty attaches when litigation is “reasonably anticipated,” that the duty extends to all relevant ESI in possession/custody/control, that counsel must communicate the hold to relevant custodians, and that counsel must follow up to ensure compliance. Pension Committee elaborates that a hold notice alone is not enough — counsel must take affirmative steps to confirm compliance.

State analogues (California CCP §2031.060, New York CPLR 3126, similar provisions) have parallel doctrines. Counsel evaluates the applicable rule for each matter.

Hardline’s standard: over-preserve. The cost of preserving too much is operational friction. The cost of preserving too little is case-dispositive sanctions plus reputational damage.

The QI maintains a hold inventory listing every active and released hold, with: matter reference, opening date, scope summary, custodians, systems covered, auto-delete suspensions active, periodic-review dates, and release date. Reviewed at quarterly compliance checks and annual policy audit.