Security

Your evidence is yours.

Legal documents contain the most sensitive facts of your life. We built CasePilot under a single constraint: your evidence stays under your control. Always.

Six controls

End-to-end encryption

All documents are encrypted in transit with TLS 1.3 and at rest with AES-256. Encryption keys are derived per-account and never shared. Cloudflare R2 object storage provides zero-trust access — no path exists to your files without your authenticated session.

Zero-trust evidence storage

Evidence files are addressed by content hash, not sequential IDs. Presigned upload and download URLs expire within 60 seconds. There is no browseable bucket path. Even with a compromised URL, access expires before it can be forwarded.

Row-level security isolation

Every database table uses PostgreSQL Row-Level Security (RLS). The API sets `app.current_tenant` from your JWT on every request. No query can return rows from another user's workspace — a misconfigured query fails with zero results, not a data leak.
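The pattern described above, sketched as an added example (not CasePilot's actual schema or code). The table, role name, and UUIDs are constructed for illustration; only the setting name `app.current_tenant` comes from this page.

```sql
-- Added illustration: table, role, and UUIDs are constructed; only the
-- setting name app.current_tenant is taken from the page.
CREATE TABLE evidence (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    sha256    text NOT NULL
);

ALTER TABLE evidence ENABLE ROW LEVEL SECURITY;
-- Without FORCE, the table owner is exempt from its own policies.
ALTER TABLE evidence FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) yields NULL when the setting was never set and
-- '' after a transaction-local value is reverted. NULLIF maps both to NULL,
-- so the comparison is never true and the policy matches no rows.
CREATE POLICY tenant_isolation ON evidence
    USING      (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid);

-- The API role must be neither superuser nor BYPASSRLS; both skip policies.
CREATE ROLE app_api NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT ON evidence TO app_api;
GRANT USAGE ON SEQUENCE evidence_id_seq TO app_api;
SET ROLE app_api;

-- One request: the API verifies the JWT, then binds the tenant for this
-- transaction only (third argument true = SET LOCAL semantics), so a pooled
-- connection cannot carry the value into the next request.
BEGIN;
SELECT set_config('app.current_tenant', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO evidence (tenant_id, sha256)
VALUES ('11111111-1111-1111-1111-111111111111', 'constructed-digest-a');
SELECT id, sha256 FROM evidence;   -- filtered to the bound tenant by the policy
COMMIT;

-- A request for a second tenant sees only its own rows; an INSERT naming
-- another tenant_id is rejected by WITH CHECK.
BEGIN;
SELECT set_config('app.current_tenant', '22222222-2222-2222-2222-222222222222', true);
SELECT id, sha256 FROM evidence;
COMMIT;

-- No tenant bound (the "misconfigured query" case): the policy predicate is
-- NULL for every row.
SELECT count(*) FROM evidence;
```

Any session can call `set_config` on a custom setting, so the isolation holds only while the API is the sole component that sets the value and takes it from a verified token.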

Complete audit trail

Every evidence upload, AI query, draft generation, and export is logged with timestamp, user ID, and case ID. Audit logs are append-only and tamper-evident. Enterprise customers can export audit logs to their own SIEM.

Oregon UTCR compliance

Exports are pre-formatted to Uniform Trial Court Rules (UTCR 2.010): correct font, margins, and page limits for Oregon family court filings. Every draft is marked [DRAFT — ATTORNEY REVIEW REQUIRED] in the header and footer.

SOC 2 Type II in progress

CasePilot is on the SOC 2 Type II readiness path. Current controls cover access management, change management, incident response, and availability monitoring. Enterprise sales can request the current trust report and controls matrix.

Trust portal

Transparency, documented.

Enterprise customers and their security teams can request the full controls matrix, penetration test summary, and vendor DPA package. We respond within two business days.
