Built for the sensitivity of your matters.
Your documents stay in a per-tenant logical boundary. We do not train on them, we do not retain them beyond your retention window, and every operator action is logged to an immutable audit stream.
Data handling
DocuDig ingests your documents into a per-tenant logical boundary and never mixes them with other clients' data for model training, evaluation, or product telemetry. Raw documents remain in customer-controlled storage; derivative extractions and embeddings are held only as long as your retention policy requires.
Encryption
All data is encrypted at rest (AES-256, cloud-provider-managed keys with customer-key escrow available) and in transit (TLS 1.3). Keys are rotated on a documented cadence and revoked on tenant offboarding.
Access controls
Role-based access with single sign-on and enforced MFA. Every operator action against tenant data is logged to an immutable audit stream. Just-in-time access is required for any DocuDig operator to read a customer document, and the access event is surfaced to the customer's audit feed.
Tenant isolation
Data is isolated at the database layer using row-level security policies bound to a tenant identifier set per-request. The platform does not rely on application-level filtering for isolation; the database enforces it.
Audit logging
Every LLM call, every consensus decision, every pipeline state transition emits a structured audit entry. You can export this log for any matter at any time.
Privilege protection
Privilege markers are applied continuously during review, not as a separate pass. Privileged passages are excluded from cross-document synthesis by default.
Compliance posture
SOC 2 Type II is our current target framework. Specific certifications and current status are shared under NDA during evaluation. We maintain a public trust center and respond to security questionnaires within one business day for active evaluations.
Data residency at v1 is US jurisdiction; EU / UK residency is on the roadmap and available by request for qualifying engagements.