About
Precision over prediction.
VeriDoc began with a simple observation: every professional we talked to — attorneys, CPAs, financial advisors — was already using AI to draft, summarize, and analyze client documents. None of them trusted the output. All of them were shipping it anyway.
The court sanctions kept coming. The hallucination studies kept stacking up. The industry response was to build bigger, more confident generators. We took the opposite bet: build the quality gate that catches what the generators get wrong — and produce the audit trail that proves you checked.
Security & Trust
How we protect your clients' information.
VeriDoc handles sensitive legal, financial, and tax documents. Security is engineered into every layer — not bolted on.
Encryption everywhere
TLS 1.3 in transit. AES-256 at rest. Source files stored in a private, signed-URL-only bucket — no public access path exists.
Zero-retention defaults
Source documents and AI outputs are purged after each verification session. Only your encrypted audit trail persists, scoped to your account.
Row-level access control
Every database row is scoped by user via Postgres Row-Level Security. Even our own service cannot read across tenants without explicit auth.
Auth hardening
Passwords checked against the HaveIBeenPwned breach corpus. PKCE OAuth flow. Sessions auto-refresh and are invalidated on sign-out.
Compliance-aligned
Architecture designed against HIPAA, GLBA, and state bar confidentiality rules. SOC 2 Type II in progress.
No model training on your data
Your documents are never used to train AI models — ours or anyone else's. Each verification is ephemeral and isolated.
Operating principles
The four things we won't compromise on.
We don't decide — we inform.
Every flag includes the exact source sentence. The professional judgment, and the liability, stay with you.
Zero retention by default.
Source documents and AI outputs are purged after the verification session. Only your audit trail is retained — encrypted, and visible only to you.
Built for solo and small.
Enterprise tools are built for IT departments. VeriDoc is built for the practitioner who is the IT department.
Precision over prediction.
We refuse to ship features that make a claim we can't substantiate. We'd rather flag less and be right than flag more and be loud.
Contact
Talk to the team.
Questions about security, custom deployment, or whether VeriDoc fits your specific workflow? Send a note.