Enterprise-Grade Security for Your Practice
Your clients' data is protected by the same infrastructure used by Fortune 500 companies. Industry-standard encryption, multi-tenant isolation, and zero data retention by AI providers.
Security Infrastructure
Encryption
AES-256 encryption at rest. TLS 1.3 for all data in transit. Client certificates for API access.
Multi-Tenant Isolation
Row-level security (RLS) ensures each firm sees only their own data. Database-level enforcement.
Attorney-Client Privilege
All case data is protected. No data sharing with third parties. AI processing with zero retention.
Compliance
GDPR compliant. Data Processing Agreement available. Regular security audits and penetration testing.
Data Residency
All data stored in US data centers. Compliant with state and federal data residency requirements.
Access Control
Role-based access control (RBAC). Two-factor authentication. Audit logs of all system access.
Data Policy
Your Data Ownership
You own all case data, client information, and firm documents. You can export or delete at any time.
AI Data Use
When you request AI analysis, case data is sent to Claude API with zero retention. We do not train models on your data.
Backups & Recovery
Automatic daily backups. 30-day recovery window for deleted data. Business continuity planning in place.
Data Deletion
Request data deletion anytime. Deleted data is purged from all systems within 30 days. Encrypted backups retained for 90 days.
Compliance Standards
GDPR
General Data Protection Regulation
SOC 2 Type II
Security, Availability, Processing Integrity
CCPA
California Consumer Privacy Act
Data Processing Agreement available upon request. Contact us for compliance questions.