Your clients' data. Your firm's control.

Lawyers carry a duty of confidentiality that most software was never designed for. Referent was. Security here is not a checkbox page - it is the constraint the product was built around.

The short version

Encryption

  • AES-256 encryption at rest
  • TLS 1.2+ in transit
  • Encrypted backups

Isolation

  • Every firm gets its own encrypted workspace
  • Your data is never mixed with another firm's

Data residency

  • Hosted on Google Cloud Platform
  • US client data stays in the US
  • EU data stays in the EU

AI without leakage

  • Zero-retention, no-training agreements with every model provider
  • Your client data never trains anyone's models. Including ours

Human control

  • Client-facing and high-risk actions wait for the lawyer's approval
  • Every agent action is written to an audit trail

Deletion

  • Delete means delete
  • Removed data is removed - not archived into someone's training set

Where your data lives

Referent runs on Google Cloud Platform, the same infrastructure trusted by banks and healthcare systems. Firm data is stored with regional separation: US firms' data is stored in US data centers, EU firms' data in EU data centers.

All data is encrypted at rest with AES-256 and in transit with TLS 1.2 or higher. Backups are encrypted and tested. Access to production systems is restricted to a small number of engineers, logged, and reviewed.

What the AI can see - and what it can never keep

Referent's agents work from your live matter context. That requires trust, so here is exactly how it works:

Multiple models, one rule. We use models from providers including OpenAI and Anthropic, routed by task and orchestrated by top-tier models. Every provider operates under zero-retention, no-training agreements: your data is processed to do the work, then discarded.

We don't train on your data either. Referent never uses client or matter data to train models. Improvement comes from product engineering, not from mining your files.

Agents act inside your workspace. An agent working on your matter sees your firm's context only - never another firm's.

The approval gate. Nothing client-facing leaves the system without the lawyer's sign-off. Drafts wait in your queue. You approve, edit, or reject.

Everything is logged. A full audit trail records what every agent did, when, and on whose approval. You can answer "who did what" at any time - which is more than most firms can say about their inbox.

Built under the world's strictest privacy regime

Referent is built by AI Lawtech Sp. z o.o., an EU company. That is not a legal footnote - it is an engineering advantage. Operating from the EU means privacy-by-design is the default we build from: data minimization, purpose limitation, and the user's right to erasure are architectural decisions, not afterthoughts. Our formal GDPR compliance program is underway alongside our certification work below.

Certifications: where we are, honestly

SOC 2 - in preparation

We have mapped the full control set and are aligning our engineering and processes against it.

ISO 27001 - in preparation

Same approach: requirements adopted first, certificate second.

Penetration testing

We conduct penetration tests on the platform and fix what they find.

On the roadmap

SSO for firms that need centralized access control.

We publish status updates as certifications complete. If your firm needs specifics for a vendor review, write to us - we answer security questionnaires directly.

Questions or reports

Security questions, vendor due diligence, or a vulnerability report: contact@referent.law. A human from the founding team reads every message. Researchers reporting vulnerabilities in good faith will get a response, not a lawyer's letter.

Security questions, answered

Is my client data used to train AI models?

No. Referent operates under zero-retention, no-training agreements with every AI model provider it uses, and Referent itself never trains models on client or matter data.

When an agent processes your data, the model provider uses it to do the work and then discards it - it is not stored, and it never becomes training material. Product improvement at Referent comes from engineering, not from mining client files.

Where is my data stored?

Referent runs on Google Cloud Platform with regional separation: US firms' data is stored in US data centers, and EU firms' data is stored in EU data centers.

All data is encrypted at rest with AES-256 and in transit with TLS 1.2+, and backups are encrypted as well. Each firm's workspace is isolated, so your data is never mixed with another firm's.

Can AI send something to my client without me knowing?

No. Every client-facing or high-risk action an agent prepares waits in your approval queue. You approve it, edit it, or reject it - nothing leaves the system without the lawyer's sign-off.

A full audit trail records what every agent did, when, and on whose approval, so you can always answer who did what.

Is Referent SOC 2 certified?

Not yet, and we would rather tell you that plainly than imply otherwise. SOC 2 and ISO 27001 preparation is underway: the control sets are mapped and our engineering and processes are being aligned against them.

We publish status updates as certifications complete. In the meantime, we answer vendor security questionnaires directly - write to contact@referent.law.

What happens to my data if I leave?

You can export your data, and deletion means deletion. When you remove data - or your firm leaves Referent - it is removed. We do not keep shadow copies, and nothing you delete ends up in a training set or an archive you never agreed to.

Who can access my firm's workspace?

Your firm. Every workspace is isolated and encrypted per firm, and access is restricted to authorized firm members.

On Referent's side, production access is limited to a small number of engineers, logged, and reviewed.

Join the next
generation of AI-native lawyers

Private beta for selected lawyers and law firms.

Apply for Private Beta

Personal invite

White-glove onboarding

No data training