Clerk
ENFRDE
Request access
Security

Built for the confidentiality a law firm demands

Clerk handles privileged files, so protection isn't a feature bolted on — it's the architecture. Your matters stay in the EU, your content never trains anyone's model, and personal data is anonymised before any AI ever sees it.

Request accessRead the DPA
Data protection

Your client data, protected by design

Every safeguard below is on by default — there is no less-private mode to fall back to.

EU data residency

Matters, documents and conversations are stored and processed within the European Union — never moved out of region.

No model training

Your content is never used to train third-party models. It is processed to answer your request, and nothing more.

Anonymised before AI

Personal data is replaced with neutral placeholders before any AI processing — and you review every replacement before it runs.

Confidential matters

Mark a matter confidential and it stays hidden from everyone outside it — including firm administrators.

Role-based access

Owner, admin and member at the firm; lead, contributor or observer on each matter. Everyone sees exactly what they should.

Grounded answers

Clerk declares the decisions it actually read, links each citation to its source, and flags any claim it couldn't ground.

Access control

Least privilege, all the way down

Access is enforced at the data layer, not just hidden in the interface. A colleague only ever loads the matters they've been brought into, in the role they were given — and a confidential matter never appears for anyone outside it.

  • Per-matter roles: lead, contributor, observer
  • Confidential matters hidden even from admins
  • Every invite, role change and access logged
  • Revoke a shared document's access at any time
Row-levelaccess enforced in the database, not just the UI

Compliance posture

EUdata residency
GDPRcompliant by architecture
0content used to train third-party models
Fullaudit trail of every action
Oversight

An audit trail the firm can stand behind

Every invitation, role change, document share and access is written to an organisation audit log. Administrators get oversight of how the firm uses Clerk — per-member usage is metered to the token, with monthly limits you set per seat or pool across the firm.

  • Organisation-wide audit log
  • Per-member monthly usage limits
  • Usage metered to the token
  • Limits enforced before a turn runs
Per-tokenusage metered, with limits enforced before each turn

Security questions

Where is my data stored and processed?

Within EU data residency. Matters, documents and conversations stay in the European Union and are not transferred out of region.

Is my content used to train AI models?

No. Your content is never used to train third-party models. It is used only to carry out the request you made, then it stays in your workspace.

How does anonymisation work?

Before any AI processing, personal data is detected and replaced with neutral placeholders. You review every proposed replacement first — nothing is sent for processing until you've approved it.

Who can see a confidential matter?

Only the colleagues explicitly on it. Confidential matters are hidden from everyone else in the firm, including administrators, and access is enforced at the database level.

Can we get a Data Processing Agreement?

Yes. Our DPA covers roles, sub-processors, security measures and data-subject rights — see the DPA page, or ask during onboarding.

Put a workspace your clients can trust on the matter

Privileged by default, auditable by design — and ready when you are.

Request access