Security & Compliance
Enterprise-Grade Security for Sensitive Legal Data
We handle your clients' most sensitive information. Our security practices reflect that responsibility.
SOC 2 Type II Certified
Independently audited security controls covering availability, confidentiality, and processing integrity.
Encryption at Rest & In Transit
AES-256 encryption for data at rest. TLS 1.3 for all data in transit. Zero plaintext storage of sensitive documents.
Data Isolation
Each organization's data is logically isolated. No cross-tenant access. Role-based access controls at every level.
Infrastructure Security
Hosted on SOC 2 compliant infrastructure. Regular penetration testing. Automated vulnerability scanning.
Audit Logging
Complete audit trail of all data access and modifications. Exportable logs for your compliance needs.
Data Portability
Export all your data at any time in standard formats. No vendor lock-in. Your data belongs to you.
How We Handle Your Data
Document Processing
Documents are processed through our secure AI pipeline and stored encrypted in your organization's isolated data partition. We never use your data to train AI models. Your documents are yours alone.
AI Model Usage
CaseScribe uses leading AI models with data processing agreements that prohibit model training on your data. Your documents are never used to improve anyone else's model.
Data Retention
You control your data retention. Delete individual cases or your entire account at any time. Deletion is permanent and irreversible — we don't keep shadow copies.
Questions About Security?
Our team is happy to walk through our security practices or share our SOC 2 report.