Trust is your call.
Security is our responsibility.
Judicio is built for the confidentiality and compliance requirements of modern legal teams. This is exactly how we protect your matters — what we encrypt, where we host, who can access your data, and the certifications that stand behind it, with live status on our Trust Centre.
Certifications & compliance
Every status below mirrors our live Trust Centre — the single source of truth for our certification posture.
SOC 2
Independently audited controls for security, availability, and confidentiality.
ISO/IEC 27001
Certified information-security management system (ISMS).
GDPR
EU data-protection requirements for the personal data we process.
UK GDPR
UK data-protection requirements, mirrored from the EU standard.
Digital Personal Data Protection Act (DPDPA) 2023
India's personal-data protection framework.
One pipeline, five stops — and a branch that stays shut
Every hop below is a control stated on this page. And the branch model training would need is blocked by posture: your documents and prompts are never used to train AI models.
— No.
Your documents and prompts are never used to train AI models. Your data stays yours and is used only to serve your own work.
Upload to cited answer — your data stays yours and is used only to serve your own work.
How we protect your data
Security is built into every layer of the platform, not bolted on. Each of these is a capability you can use today.
Platform controls
Encryption at rest and in transit
Your documents are encrypted at rest and protected in transit with TLS, using industry-standard protocols at every layer of the platform.
Role-based access control
Granular RBAC with project-level permissions and organization-wide management, so the right people see the right matters — and no one else.
Full audit trail
Every document and action is logged, giving you a complete, reviewable activity history across your workspace.
Google Cloud hosting
Judicio runs on Google Cloud Platform with production-grade reliability, isolation, and uptime.
AI & data posture
No training on your data
Your documents and prompts are never used to train AI models. Your data stays yours and is used only to serve your own work.
Human-in-the-loop
AI output is built for lawyer review — you stay in control of every result.
90-day data retention
A defined 90-day retention window applies to customer data.
Hybrid cost model
A subscription with usage-based credits, stated up front.
Privacy & compliance posture
Judicio is designed around the GDPR and India’s Digital Personal Data Protection (DPDP) Act. That means encryption, role-based access, audit logging, no training on your data, and regional data residency — the controls a legal team needs to handle confidential and personal data responsibly. For the specifics of a particular matter or jurisdiction, our team can confirm the arrangements that apply to you.
Data residency, your choice
Keep your data in the region your firm or clients require. Residency options are available on enterprise plans.
United States
US-based storage and processing for North American teams.
European Union
EU residency to support GDPR data-handling requirements.
India
India residency for DPDP-aligned, in-country data handling.
§05.1Does Judicio train its AI models on my data?
No. Your documents and prompts are never used to train AI models. Your data is processed only to deliver your own results and remains yours.
§05.2Where is my data stored?
Judicio is hosted on Google Cloud Platform. Data-residency options in the United States, European Union, and India are available on enterprise plans, so you can keep storage and processing in your preferred region.
§05.3Is Judicio SOC 2 or ISO 27001 certified?
Judicio's certifications — including SOC 2, ISO/IEC 27001, GDPR, UK GDPR, and India's DPDPA 2023 — are listed with their live status on our Trust Centre at trust.judicio.ai. Reports and certificates are available on request via our team.
§05.4Where can I see Judicio's full security posture?
Our Trust Centre at trust.judicio.ai — powered by Sprinto — is the single place to review our security controls, subprocessors, AI posture, and compliance statuses. It stays current as our posture evolves.
§05.5How does Judicio handle GDPR and India's DPDPA?
Judicio is built for the GDPR, UK GDPR, and India's Digital Personal Data Protection Act (DPDPA) 2023, and each is listed with its live certification status on our Trust Centre. In practice that means encryption, role-based access, audit logging, no training on your data, and regional data residency. For specifics on a given matter, contact our team to confirm the arrangements that apply to you.
Found a vulnerability or have a security concern? Email support@judicio.ai and our team will investigate promptly.
Security questions before you start?
Talk to our team about encryption, residency, access control, and your compliance requirements — or review our full posture any time on the live Trust Centre.