Trust & security
Security at Custonic
Custonic processes sensitive commercial agreements. We treat that responsibility with the same rigor we ask our customers to bring to their contracts. Security is not a feature — it's the architectural foundation.
EU data residency
All data is stored and processed within the European Economic Area. Supabase EU region and Vercel EU edge network. No data leaves Europe unless you explicitly configure it.
All infrastructure runs in EU regions. Supabase database in Frankfurt (eu-central-1). Vercel edge functions run in EU. Even our analytics through PostHog are EU-hosted.
We selected every vendor in our stack specifically for EU data residency support, because our customers should not have to choose between AI speed and regulatory comfort.
No data is transferred outside the EEA at any point in the processing pipeline unless you explicitly configure it.
Encryption at every layer
TLS 1.3 in transit. AES-256 at rest. Uploaded contracts are encrypted in Supabase Storage before they touch the disk. Access is controlled through row-level security policies.
Contracts are encrypted with AES-256 at rest in Supabase Storage. All API communication uses TLS 1.3, and database connections are encrypted end to end.
File hashes (SHA-256) are computed on upload for integrity verification and duplicate detection, helping us confirm that the document analyzed is the document you submitted.
Security controls are layered: transport, storage, database access, and application safeguards reinforce each other rather than relying on a single perimeter.
Your data is never used for AI training
Anthropic's API policy guarantees that contract content sent for analysis is not retained or used for model training. Data is processed and discarded. Your agreements remain yours.
We use Anthropic's Claude API for contract analysis. Under Anthropic's commercial API terms, data sent via the API is not used for model training and is not retained after processing.
Contract content is sent, analyzed, and the structured results are stored in your account. The raw content is not persisted in Anthropic's systems as part of model improvement.
That means your agreements remain yours: processed for insight, not absorbed into a general-purpose model.
Row-level tenant isolation
Multi-tenant architecture with database-level isolation. Even if application code has a bug, one organization's contracts can never be accessed by another. Enforced by PostgreSQL RLS policies.
Every database table with organization-scoped data has PostgreSQL Row Level Security (RLS) policies that enforce strict tenant isolation.
Even if application code were to contain a bug, the database itself prevents cross-organization data access. That is defense in depth: application filtering and database enforcement working together.
For B2B customers, this matters because the most important security control is not only who can log in — it is what they can never see.
Full audit trail
Every action — upload, analysis, export, team change — is logged with timestamp, user, and IP address. Designed for SOC 2 audit readiness from day one.
All significant actions are recorded in an immutable audit log: contract uploads, analysis runs, team member changes, settings modifications, and data exports.
Each log entry captures the user, action, timestamp, IP address, and affected resource so your team can reconstruct who did what and when.
This was designed for SOC 2 Type II audit readiness from day one, not bolted on as an afterthought.
GDPR by architecture
Right to access, rectify, erase, and port your data. Cookie-minimal design with only essential authentication cookies. Analytics via PostHog EU with anonymized data. No third-party advertising trackers.
Custonic is built to support data subject rights: access, rectification, erasure, and portability. Privacy obligations are treated as product requirements, not documentation tasks.
Cookie usage is minimal and limited to authentication and session management. There are no third-party advertising cookies and no cross-site tracking layer hidden behind a consent banner.
Our privacy policy is available in all supported languages, and a Data Processing Agreement (DPA) is available for Enterprise customers.
Questions about security? Contact security@custonic.com
Security-first launch access
Join the waitlist if your contract data posture matters as much as the AI output
We are speaking with early customers that need EU-first data handling, tenant isolation, and explainable contract analysis from the start.
EU-hosted. No spam. Unsubscribe anytime.