Skip to content

Security

Security & Trust Center

Your client data deserves the highest level of protection. Here's how CounselAI keeps it safe.

Encryption

  • AES-256 encryption at rest
  • TLS 1.3 in transit
  • Encrypted backups
  • Key rotation every 90 days

Compliance

  • SOC 2 Type II certified
  • HIPAA-ready architecture
  • GDPR data handling
  • State bar ethics alignment

Access Control

  • Role-based access (8 roles)
  • Multi-factor authentication
  • Session management
  • IP allowlisting (Pro)

Infrastructure

  • US-based data centers
  • Tenant data isolation
  • Automated failover
  • 99.9% uptime SLA (Pro)

Audit & Logging

  • Immutable audit trail
  • All AI actions logged
  • Data access tracking
  • Exportable audit reports

AI Safety

  • Human-in-the-loop required
  • Legal safety guardrails
  • Confidence scoring
  • No AI training on your data

Our Promise

AI Data Promise

  • We never train AI models on your data. Your documents, matters, and client information are never used to train or improve our AI models.
  • Your data stays yours. You retain full ownership of all data. Upon account termination, we securely delete all data within 30 days.
  • Tenant isolation. Each firm’s data is logically isolated. No firm can access another firm’s data under any circumstance.
  • Transparent AI. Every AI output includes the model used, prompt context, and confidence scoring. You see exactly what the AI did.

Questions about security?

Our team is happy to walk through our security practices in detail.

Contact us