Security & confidentiality
Built for privileged material.
Deposition transcripts are confidential, often privileged, and sometimes under a protective order. Here is how your material is protected at every step — and where to get the details your security team needs for its review.
Upload
Your transcript is encrypted in transit and handled on isolated, access-controlled infrastructure.
Analysis
Paid AI processing uses the configured Anthropic commercial API. DepoProof does not use customer content to train models.
Storage
We hold source material to power the product and retain delivered digests until you delete the document. No person reviews content in the normal workflow.
Deletion
Your source transcript is auto-deleted after 30 days or earlier through the source-deletion control. A quote-text-free verification receipt is kept so the credit-back guarantee remains checkable.
Our commitments
- ✓Encrypted in transit; isolated, access-controlled infrastructure.
- ✓No training on your content — ever.
- ✓No human review of your content by default.
- ✓Paid inference governed by the configured commercial API terms.
- ✓30-day source auto-delete, or earlier in-product deletion.
- ✓A verification receipt that contains no transcript quotations.
Questions a vetting checklist asks
Is my client data used to train AI?
DepoProof does not use your content to train models. Paid inference uses the configured Anthropic commercial API under its applicable data terms.
Who can see my transcripts?
No person reviews your content in the normal course of business. Access is limited to what's strictly needed to operate and support the service, and it is logged.
What about scanned documents?
A scan is transcribed and cross-checked before analysis; lines without sufficient machine consensus are marked unresolved and excluded. Every scan-derived digest retains visible transcription provenance and is never represented as a certified transcript.
How does the guarantee survive deletion?
The verification receipt stores hashes, page:line coordinates, filename, matter label, and processing statistics, but no transcript quotation text. After source deletion, it can authenticate and re-check an original born-digital copy you supply.
Can I get your subprocessor list and data-processing terms?
Yes. Our Data Processing Agreement sets out the full list of subprocessors, data-residency details, and processing terms for your security review. Email us and we'll provide it.
Need something specific for a client’s outside-counsel guidelines or a security questionnaire? Email us and we’ll answer directly.