Security & Privacy

Your documents are
private, encrypted, and under your control

Legal documents are sensitive — whether they're yours or your client's. Here is exactly how ArguLens protects them at every step.

Never used for training

Your documents are never used to train AI models. Period. Our AI providers (Anthropic, Google) process under zero-data-retention API terms.

Encrypted everywhere

TLS 1.3 in transit. AES-256 encrypted at rest in our database. Documents are never stored in plaintext.

You control deletion

Delete your case data at any time. Set auto-deletion timers (7, 30, or 90 days). When deleted, it's gone — no backups retained.

Complete data isolation

Every case is isolated by user. No user can ever access another user's documents, analysis, or chat history.

Technical details

How your data flows through ArguLens

1. Document upload

Files are uploaded over TLS 1.3 encrypted connections. Text is extracted server-side (PDF parsing, OCR for images). The original file is not retained — only the extracted text is stored, encrypted at rest.

2. AI processing

Extracted text is sent to AI providers (Anthropic Claude, Google Gemini) via their zero-data-retention API endpoints. Under these API terms:

Your data is never used to train their models
Data is processed in memory and not persisted by the provider
Requests are not logged beyond operational monitoring

3. Storage

Analysis results and extracted text are stored in a PostgreSQL database with AES-256 encryption at rest, hosted on Neon (SOC 2 Type II certified infrastructure). Each record is keyed to your user ID — no other user can query it.

4. Deletion

You can delete any case at any time from your dashboard. Deletion is immediate and permanent — all associated data (analysis, extracted text, chat history, notes, feedback) is removed. You can also set auto-deletion timers.

For lawyers & legal professionals

Helping preserve attorney-client privilege

If you're a lawyer using ArguLens for client matters, here's how our security helps you meet confidentiality obligations without risking privilege.

Confidentiality

ABA Model Rule 1.6 / Professional Conduct Rules

Lawyers must make "reasonable efforts" to prevent unauthorized disclosure of client information. ArguLens supports this through encryption, data isolation, access controls, and zero-training AI API terms. We recommend reviewing your jurisdiction's ethics opinions on cloud technology use.

Competence

ABA Model Rule 1.1 — Technology Competence

Understanding how your technology handles client data is part of competent representation. This page is designed to give you full visibility into our architecture. If you need additional detail, contact us.

Singapore

Legal Profession (Professional Conduct) Rules 2015

Under Rule 5 and the PDPA, Singapore lawyers must protect client data confidentiality. ArguLens's encryption, data isolation, and deletion controls align with these requirements. Documents are processed via API endpoints that do not retain data.

Data Processing

Data Processing Agreement (DPA)

Need a DPA for your firm's compliance requirements? We provide Data Processing Agreements for professional users. Contact us at security@argulens.com to request one.

What we will never do

Sell, share, or monetize your documents or analysis results

Use your data to train AI models — ours or anyone else's

Allow any other user to access your case data

Store your original uploaded files after text extraction

Retain deleted data in backups or audit logs

Infrastructure

Hosting

Vercel

SOC 2 Type II, edge network

Database

Neon PostgreSQL

SOC 2 Type II, encrypted at rest

Authentication

Clerk

SOC 2 Type II, MFA support

AI Provider

Anthropic Claude

Zero-data-retention API