Loading
Loading
DraftCounsel · Trust center
One rule governs this page: every claim is verifiable against the running product, or it says plainly that it is a posture or a roadmap item. Live numbers are computed, not written.
9
Hard gates active
25/25
Official sources verified
Model and database keys never reach the browser.
All provider keys are server-side environment secrets; nothing sensitive ships as NEXT_PUBLIC_*. The public /api/ai/health probe reports configuration presence as booleans only.
Locked work product cannot leak to an unpaid session.
Previews are server-side projections — the full report/checklist is never serialized to a client that has not unlocked it. Verified in the June 2026 adversarial audits.
The database denies by default.
Every table runs row-level security with no client policies plus explicit privilege revokes — only the server (service role) reads or writes, with authorization enforced in the application layer.
Access codes are never stored in recoverable form.
Codes are stored as SHA-256 hashes; the plaintext exists once, in the purchase email. Sessions and trial cookies are HMAC-signed with constant-time comparison.
Your document cannot reprogram the engine.
Uploaded content rides in the user turn behind an immutable injection-guard system rule: document text is data to analyze, never instructions — an injection attempt becomes a red-flag finding.
Every artifact link is unguessable and brand-scoped.
Capability IDs are 26 hex characters of CSPRNG output; reads are scoped to the issuing brand; shares use one-way HMAC handles that never expose the underlying capability ID.
Payments cannot silently fail into paid-but-not-delivered.
Webhook signatures are verified, grant-write failures return 5xx so the processor redelivers, refunds and chargebacks revoke access, and single-use codes consume atomically.
Audit discipline: three independent senior-engineer reviews (June 2026) plus a five-perspective adversarial re-audit; every actionable finding was remediated and re-verified, and re-audits recur.
Every AI finding on a matter must be approved, rejected, or revised by the supervising attorney — there is no bulk approval, and the finalization gate stays locked until the last finding carries a decision. Adjudications are written to an append-only event store: decisions can be superseded, never erased. A print-ready decision packet exports the record for the matter file. This is the platform’s core design, not a feature flag — the engines exist to feed the workstation, and nothing finalizes around it.
What we store
Documents you submit for review or drafting, the reports and drafts the engines produce, and the adjudication trail — each behind its unguessable private link, scoped to this brand.
Where it lives
United States infrastructure: Vercel (hosting/compute) and Supabase (database, region us-east-1 — verified against the live project). No EU residency is offered today, and we do not imply otherwise.
Retention & deletion
Artifacts remain available at their private links so your matter file stays intact. Deletion requests are honored via support@draftcounsel.io; self-serve deletion controls (content removed, the supervision ledger noting redaction rather than losing history) are on the roadmap and will say so here when live.
The coverage matrix
Which documents assemble deterministically, which are statute-cited AI drafts, and exactly which citation-verification layers are live — computed from the running configuration.
/coverage →
The Authority Graph
25 of 25 cited Florida statutes verified against the official publisher (last check 2026-07-09) — content-hashed, history in source control, official links on every clause card.
/florida →
The health probe
A public, secret-free endpoint reporting which capability layers are configured on this deployment — the same booleans this page and /coverage compute from.
/api/ai/health →
| Provider | Role | Status | Note |
|---|---|---|---|
| Anthropic | Model inference (the drafting/review engines) | Active | API inputs and outputs are not used to train Anthropic models. |
| Supabase | Database & storage | Active | Region us-east-1 (United States) — verified against the live project, not assumed. |
| Vercel | Hosting, serverless compute, CDN | Active | United States infrastructure for both brand deployments. |
| Stripe | Card payments | Staged — no key configured | Activates when checkout goes live; webhook hardening is already shipped. |
| Square | Payments (alternate rail) | Staged — no key configured | Same staged posture as Stripe. |
| Resend | Transactional email | Dormant — no key configured | Access-code delivery and win-back email; dormant until the key is set. |
Status chips are computed from this deployment’s configuration at render time — a provider cannot appear “Active” here unless its key is actually present.
SOC 2
DraftCounsel is not SOC 2 certified today, and this page will never claim otherwise before an audit exists. Control-evidence collection toward a Type I engagement is underway — the CI gate, the append-only adjudication trail, access posture, and incident discipline above are the control set being documented.
Data processing addendum
A firm-signable DPA is in preparation with counsel. Until it ships, the Privacy Policy and Terms govern; ask via support@draftcounsel.io and we will say exactly where it stands.
Professional posture (read this one)
LegalDraft Technologies LLC is not a law firm. DraftCounsel is professional drafting and review software for licensed attorneys and supervised staff: an attestation gate fronts the engines, the supervising attorney remains solely responsible for every work product, and communications with the service are not attorney-client privileged — your own privilege and work-product positions are yours to establish and preserve, and nothing here purports to create them.
Found a security issue? Email support@draftcounsel.io with “SECURITY” in the subject — security reports are triaged ahead of everything else. Machine-readable contact lives at /.well-known/security.txt.
DraftCounsel is professional drafting software for licensed attorneys, operated by LegalDraft Technologies LLC. DraftCounsel is not a law firm and does not provide legal advice. All output is AI-generated draft work product offered for attorney review; the supervising attorney is solely responsible for reviewing, revising, approving, and using any work product, and for compliance with applicable rules of professional conduct. Communications with DraftCounsel are not protected by attorney-client privilege.