No Training on Your Data
Your documents, testimony, case materials, and AI-generated insights (“Case Data”) are not used to train or improve AI models—ours or any third party’s. Case Data serves one purpose: your case.
Trust Center
FullProof is purpose-built for legal work where attorney-client privilege, confidentiality, and the integrity of case materials are non-negotiable. Security is not an afterthought at FullProof. It is foundational to every layer of the platform, from infrastructure to AI model integration.
This page outlines our security practices, AI trust commitments, and the safeguards we have put in place to protect the most sensitive legal work.
Privilege Protection
Built for confidentiality obligations in the room
Protecting attorney–client privilege is central to how FullProof is built. Our platform is architected to support attorneys in maintaining confidentiality obligations and minimize the risk of inadvertent privilege waiver when using AI-assisted workflows.
FullProof’s patent-pending privilege-protected hardware provides an additional layer of safeguarding specifically designed for the heightened security and compliance demands of litigation. We are built with awareness of ABA guidance on AI use in legal practice and the confidentiality obligations attorneys owe their clients.
AI Trust Principles
How we handle your data in an AI-powered platform
Data Isolation
Customer Data is logically and architecturally isolated. Case Data from one account is not accessible to, nor does it influence, outputs for other customers.
Zero Retention by LLM Providers
We maintain contractual zero-data-retention agreements with our third-party model providers. This means our agreements prohibit the retention or use of inputs and outputs by an upstream provider, beyond the processing necessary to generate a response.
Human Oversight
FullProof is designed to augment attorney judgment, not replace it. All cues and insights surfaced by the platform are meant to be evaluated and validated by a licensed attorney in the context of their case.
Grounded Outputs
Our AI is grounded in Case Data using retrieval-augmented generation (RAG). Outputs are tied to source documents within the customer’s dataset that attorneys can verify, minimizing hallucination risk.
No Third-Party Sharing
Your Case Data is not sold or shared with any third party except as necessary to provide the FullProof service. Your case materials remain exclusively yours.
Infrastructure Security
Enterprise-grade hosting and monitoring
FullProof is hosted on enterprise-grade cloud infrastructure with network segmentation, web application firewalls, and DDoS protection. Our environment is continuously monitored with real-time alerting to detect and respond to potential threats.
Data Encryption
Controls around stored and moving data
Encryption at Rest
All Customer Data is encrypted using AES-256 encryption.
Encryption in Transit
All Data transmitted between your device and our platform is encrypted using TLS 1.2 or higher, ensuring secure communication in transit.
Key Management
Encryption keys are managed through industry-standard key management practices. Database backups and snapshots are also encrypted.
Data Handling & Privacy
Policies around retention, isolation, and customer control
Tenant Isolation
Customer Data is architecturally isolated. Each organization’s case materials, configurations, and outputs are separated at the infrastructure level.
Retention & Deletion
We maintain clear data retention policies. Customer Data is deleted in accordance with documented data retention policies.
Privacy & Compliance
Data processing agreements (DPAs) are available upon request. See our Privacy Policy for additional details.
Questions?
Request more detail
We understand the importance of validating the security posture of any vendor handling sensitive legal data. If you have questions about our security practices or would like to request additional documentation, contact us at [email protected].