Caseway's official logo
ChatPricingBlogVideos
Back to Blogs

Statement of Confidentiality

Statement of Confidentiality
Al Vigier

Al Vigier

Published: 4/13/2025

At Caseway, confidentiality is the foundation. We recognize that legal professionals, businesses, and individuals place immense trust in us when they use our software.

Whether you're drafting a contract, reviewing a court decision, or uploading sensitive materials into our platform, we treat your data with the level of care expected in the legal world: discreet, secure, and strictly private. This document outlines in plain terms and legal clarity how we handle, store, protect, and dispose of the data entrusted to us.

It includes how we comply with privacy laws, avoid AI data harvesting, and structure our systems to provide users with control over their information.

1. Overview of Our Commitment

We built Caseway to be different from the outset. While many AI platforms use your data to improve their models, create profiles, or monetize usage patterns, we do not.

Your legal questions, case materials, and uploaded documents are never used to train our systems or shared with outside entities. We don’t cross-pollinate data between users. And we do not retain anything unless you’ve explicitly chosen to save it.

We believe in:

-Zero data retention by default.

-Zero sharing with third-party AI or analytics providers.

-No AI training using your private or session-based information.

-Complete user control over what is stored, saved, or deleted. We’ve implemented rigorous safeguards and designed our infrastructure to meet the expectations of professionals who deal with confidential legal matters daily.

2. Information We Handle

During your use of Caseway, we may process the following categories of information:

-Legal documents (e.g., contracts, agreements, pleadings)

-Uploaded files (e.g., Word, PDF, or plain text)

-Parties’ names, addresses, and identifying details

-Notes or instructions you enter into the interface: Questions or prompts are entered into Caseway’s AI tools.

-Account login credentials (hashed and encrypted)

-Metadata related to your session (e.g., session start time, browser type). This information is processed temporarily to serve your needs during a session. Unless you explicitly save it, none of this information is retained after the session ends.

3. Session Handling and Ephemeral Memory

Your session is designed to be self-contained. When you log into Caseway and interact with our tools:

-We process your data only for the duration of that session.

-The data is automatically discarded once your session ends (either by logout or timeout).

-We do not cache inputs, outputs, or file contents unless you save them.

-We do not associate session activity with personally identifiable information beyond what is necessary to link your session to your account to access your private data room. This structure mirrors the confidentiality you’d expect from a professional relationship with a lawyer. Your words and files don’t linger after the job is done.

4. Secure Private Data Room

If you choose to save work, Caseway offers each user a secure private data room hosted in our encrypted cloud environment.

Key features of this system:

-All saved files and materials are encrypted at rest.

-Only authenticated user can view or manage the contents of their data room.

-Saved items are never accessible by other users or Caseway personnel (unless you request support or explicitly authorize access).

-You can delete the data you save at any time. Once deleted, it is permanently removed from our system. This ensures that users retain complete control over any persistent content on the platform. Nothing is saved unless you specifically choose to store it.

5. No Use of Data for AI Model Training

Caseway’s AI models are not trained using user-submitted content, unlike many other platforms. Your inputs, uploads, and session history are never used to improve the AI's performance. We do not share data with OpenAI, Google, Anthropic, or any third-party LLM vendor.

Even if we use third-party API providers in the background for auxiliary tasks, we opt out of data logging, storage, or reusing, and we technically disable any optional data retention settings they may offer.

Our AI models are trained on a massive corpus of public court decisions, statutes, and regulatory guidance and never your data. This policy reflects our dedication to protecting sensitive legal communications and preserving the confidentiality expected by our users.

6. Third-Party Sharing and Integrations

Caseway has a strict no third-party sharing policy. This includes:

-No transmission of user data to advertisers, data brokers, or analytics firms.

-No user data will be included in anonymized training pools or benchmarking .- No use of cookies or tracking pixels that share behavior with external parties. If Caseway integrates with third-party tools (e.g., Microsoft Word plugins, document management systems, or cloud storage providers), we structure these integrations to respect your privacy settings.

In every case, the default is non-disclosure, and the user must opt in if any data needs to leave our platform.

7. Regulatory Compliance (CCPA)

Caseway is based in the United States and complies with the California Consumer Privacy Act (CCPA). This includes:

-The right to know what personal information is being collected about you.

-The right to delete any personal information we may have stored about you.

-The right to opt out of selling personal information (which we don’t engage in).

-The right to non-discrimination for exercising your CCPA rights. We do not collect, store, or process your data in a way that requires selling, monetizing, or profiling your behavior. Our approach is minimalist and protective, consistent with the spirit of CCPA.To make a CCPA request, contact us with proof of identity. We will respond within the legally required time frame.

8. Data Residency and Server Infrastructure

All user data processed by Caseway is handled within the United States using domestic cloud infrastructure. We do not offshore data storage or processing to other jurisdictions.

Our infrastructure includes:

-Encrypted storage on SOC 2 and ISO 27001 certified servers

-Data segregation between user accounts

-Firewalls, access controls, and intrusion detection systems

-Automated backups and failover systems (for saved user data only)

-Logging and alerts for unauthorized access attempts

We also routinely audit our infrastructure to ensure it meets or exceeds current standards for cloud security and legal technology applications.

9. Encryption and Technical Safeguards

All data transmitted between your browser and Caseway is encrypted using TLS 1.2 or higher, ensuring protection from interception or tampering.

All data stored in private user accounts (when applicable) is encrypted at rest using AES-256 encryption, the industry standard for sensitive information.

Additional safeguards include:

-Two-factor authentication (2FA) for user accounts (optional but recommended)

-Rate-limiting and bot detection

-Session timeouts and automatic logout features

-Minimal logging of session metadata (for support and diagnostics only)

We constantly monitor and update these protections to adapt to new cybersecurity threats.

10. Confidentiality by Design

From the first line of code, Caseway was designed with legal confidentiality in mind. Unlike other artificial intelligence, our platform reflects the professional obligations of confidentiality that govern the legal industry.

The future of legal technology should be privacy-first, not surveillance-first. Confidentiality is not a toggle or a premium feature. It’s the default.

11. User Responsibilities

While we go to great lengths to protect your data, we also ask users to take steps to maintain security on their end:

-Use a strong, unique password for your Caseway account.

-Avoid sharing your login credentials with others.

-Log out after completing your session, especially on shared devices.-Enable two-factor authentication where available.

-Do not upload sensitive information unless necessary; always use your private data room for longer-term storage. We’re here to protect your data, but security is always a two-way street.

12. Contact and Policy Updates: If you have questions or concerns about this Confidentiality Statement or wish to exercise your data rights under CCPA, please contact: Email: contact (at ) caseway. This policy may be updated periodically to reflect regulations, infrastructure, or business operations changes. The most current version will always be available on our website.


Statement of Confidentiality