How PlainLaw Protects Your Contracts

Your contracts contain some of your most sensitive business information. Here’s how PlainLaw handles them.

Your contracts are not used to train AI models.

PlainLaw uses Anthropic's commercial API to process contracts. Under Anthropic's commercial terms, your inputs and outputs are not used for model training. Your contract text is sent to Anthropic solely for extraction and summary generation; the resulting analysis is then stored in your account.

Contract files are deleted after processing.

Your contract file is processed to generate the analysis and then immediately deleted from our servers. We retain only the analysis results, including flagged provisions, key terms, risk scores, and summaries. We do not store your original contract documents.

Data is encrypted in transit and at rest.

All data transmitted between your browser and PlainLaw is encrypted via TLS. Analysis data stored in our database is encrypted at rest using AES-256 encryption.

You control your data.

You can delete any analysis from your dashboard at any time. When you delete your account, your data is permanently deleted within 30 days.

Access is restricted to your account.

PlainLaw uses row-level security policies so that each user can only access their own analyses, flags, and contract data. No other user can see your data.

Payments are handled by Stripe.

PlainLaw never sees or stores your credit card information. All payment processing is handled by Stripe, a PCI Level 1 certified payment processor.

Infrastructure.

PlainLaw is built on Supabase (SOC 2 Type 2 certified) for database and authentication, Vercel for hosting with automatic SSL, and Anthropic's commercial API for AI processing.

Questions about security? Contact us at daniel@getplainlaw.com