CompFox Trust Center

Security at the Speed of
Legal Innovation

Your practice relies on confidentiality. We protect your data with enterprise-grade security, rigid compliance standards, and absolute data sovereignty.

Encryption

AES-256

Data Privacy

Zero-Training

Compliance

In Review

Certifications

Active Compliance Roadmap

We are committed to the highest standards of data security. We are currently in the audit phase for the following certifications.

In Process

SOC 2 Type II

We are currently undergoing our SOC 2 Type II audit to validate our controls for security, availability, and confidentiality. This rigorous external audit ensures our internal practices meet the highest industry standards.

Readiness Audit Phase

In Process

HIPAA Compliance

Given the sensitive nature of medical reports in workers' compensation, we are formalizing our HIPAA compliance framework to ensure all Protected Health Information (PHI) is handled with medical-grade security.

Policy Framework Implementation

Data Sovereignty

Your data leaves when you do.

Immediate Deletion Policy

Trust is built on the ability to walk away. If you cancel your subscription or leave the CompFox platform, your case files and user data are immediately and permanently deleted from our servers. We retain zero copies.

Attorney-Client Privilege Protection

We maintain strict data isolation. Our AI models are frozen and do not train on your firm's private data. This architectural decision ensures that your client's confidential information never bleeds into the public model or another firm's queries.

Account Cancellation EXECUTING

Data Purged

Architecture

Fortified by design.

Every layer of the CompFox stack is built to secure legal data.

Encryption at Rest & Transit

All data is encrypted using AES-256 standards while stored, and TLS 1.3 ensures security while data is in transit between your device and our servers.

Role-Based Access Control

Granular permissions allow firm administrators to control exactly who sees what. Restrict access to sensitive cases or medical records with a single click.

Regular Pen Testing

We employ third-party security firms to conduct regular penetration testing and vulnerability assessments, ensuring we stay ahead of emerging threats.

Frequently Asked Questions

Does CompFox train its AI on my case files?

No. We have a strict zero-retention policy for AI training. Your uploaded documents and queries are processed in an isolated environment and are never used to improve our base models.

Where is my data hosted?

All data is hosted in the United States on Google Cloud utilizing high-availability zones to ensure redundancy and compliance with US data sovereignty laws.

How do I export my data before deleting my account?

You can use our bulk export tools to retrieve all case files and notes in standard formats (PDF, CSV) before initiating the account deletion process.

Security concerns? Let's talk.

Our dedicated security team is available to answer any questions regarding your firm's compliance requirements.

Security at the Speed of Legal Innovation