Security FAQ

Security questions, plainly answered.

The questions procurement officers, CISOs, and outside counsel ask before they sign. Answered the way we’d answer them on a call — directly, with the same language we use in the DPA, without marketing softening.

Where is matter data stored?

Inside Microsoft Azure US regions (East US 2). Each firm’s matters are isolated at the database layer by PostgreSQL row-level security — fail-closed, so a query can never reach another firm’s rows. Data is encrypted at rest with Azure-managed keys (customer-managed keys on enterprise plans). General availability outside the United States is not offered today.

How is authentication handled?

Token-based authentication — email and password, bcrypt-hashed — with role-based, matter-scoped access checks at every endpoint, plus email-verified accounts and token-based password reset and member invitations. Single sign-on (SAML / OIDC, including Microsoft Entra ID) and multi-factor authentication are on the enterprise roadmap; they are not available today.

How is authorisation enforced?

Application-level role and matter-scope checks run at every endpoint, backed by PostgreSQL row-level security that enforces tenant boundaries, fail-closed, at the database. The supervisor pattern keeps sub-agents within a single tenant and matter by construction. Azure RBAC governs the underlying cloud infrastructure separately.
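
What fail-closed row-level security looks like in PostgreSQL, for the tenant isolation described under data storage and authorisation above. This is an added example, not JustineAI™'s schema or code: the table, column, role and `app.firm_id` setting names are assumptions.

```sql
-- Added example; table, column, role and setting names are assumptions.
CREATE TABLE matters (
    id      bigserial PRIMARY KEY,
    firm_id uuid NOT NULL,
    title   text NOT NULL
);

-- The application connects as a role that is not the table owner,
-- not a superuser, and cannot bypass row-level security.
CREATE ROLE app_user LOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON matters TO app_user;
GRANT USAGE ON SEQUENCE matters_id_seq TO app_user;

-- Once RLS is enabled, rows not admitted by a policy are invisible (default deny).
ALTER TABLE matters ENABLE ROW LEVEL SECURITY;
-- FORCE makes the policies apply to the table owner as well.
ALTER TABLE matters FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) yields NULL if the setting was never set and ''
-- after a transaction-local value has expired; NULLIF maps both to NULL.
-- "firm_id = NULL" is never true, so a missing tenant context admits no rows.
CREATE POLICY firm_isolation ON matters
    FOR ALL TO app_user
    USING      (firm_id = NULLIF(current_setting('app.firm_id', true), '')::uuid)
    WITH CHECK (firm_id = NULLIF(current_setting('app.firm_id', true), '')::uuid);

-- Per-request tenant context, scoped to the transaction (third argument true),
-- so a pooled connection does not carry one firm's context into the next request.
BEGIN;
SELECT set_config('app.firm_id', '11111111-1111-1111-1111-111111111111', true);
SELECT id, title FROM matters;
COMMIT;

-- Audit checks: tables where RLS is not both enabled and forced,
-- and roles that bypass policies regardless.
SELECT relname
FROM pg_class
WHERE relkind = 'r'
  AND relnamespace = 'public'::regnamespace
  AND NOT (relrowsecurity AND relforcerowsecurity);

SELECT rolname FROM pg_roles WHERE rolsuper OR rolbypassrls;
```

Superusers and roles with BYPASSRLS ignore policies even when FORCE is set, which is why the last query belongs in any review of an isolation claim like this one.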

How is data encrypted?

TLS 1.2+ in transit. Azure-managed keys at rest by default. Customer-managed keys via Azure Key Vault available on enterprise plans — the firm holds the key material, JustineAI™ holds the access to use it. Key rotation is supported on demand.

Is customer matter data used for training?

No. Eve-Genesis (Law Edition) — the synthetic-data substrate that fine-tunes the legal reasoner — is 100% synthetic by construction. Customer matter data is processed only to generate the requested artifacts. The training discipline is structural: the customer-data partition and the training-data partition are in different Azure subscriptions, under different identities, with no path between them.

What inherited attestations apply?

The Microsoft Azure platform layer holds ISO 27001, ISO 27018, SOC 1/2/3, PCI DSS, and HITRUST CSF attestations, inherited as the foundation layer. JustineAI™’s own product-level attestation roadmap is tracked separately and surfaced on the Trust posture page as each is finalised.

How is incident response handled?

Customers are notified of security incidents affecting their data in accordance with applicable US state breach-notification laws (including Cal. Civ. Code § 1798.82). State Attorneys General are notified as required by the laws of affected residents’ states. The JustineAI™ incident-response runbook is available under NDA for procurement review.

How are subprocessors handled?

Subprocessors are documented on the subprocessors page; each is bound by a written agreement with data-protection commitments at least as protective as the customer agreement. Material changes are communicated to customers in advance via the DPA notification mechanism.

How is access to customer data logged?

User actions, and the reasoning steps behind them, are written to a structured tenant audit log with actor identity, timestamp, action type, and matter reference. Records older than 90 days are moved nightly to integrity-signed (HMAC-SHA256) long-term storage. Logs are retained for the contractually agreed period and exportable as JSON for litigation discovery, ethics review, or malpractice-insurance audit.

How is networking configured?

Service-to-service traffic stays inside the Azure backbone via private endpoints. No backend services have public ingress in production. Web Application Firewall policies and CSP headers are enforced on every public surface.

How is data deleted?

On written deletion request, personal information is deleted or anonymised within 90 days, subject to legal-hold and contractual retention obligations. Tenant deletion is cryptographically verifiable: customer-managed keys are revoked at the firm’s direction, after which the encrypted matter data is unreadable.

Is a Data Processing Agreement available?

Yes. Eve-Legal, LLC enters into a DPA with customers where required, including for residents of states with comprehensive consumer-privacy laws. The DPA template enumerates each subprocessor and the corresponding data-protection commitments. Request via dpo@mindhyve.ai.