Join the waitlist
VakeelOS
Security · privileged communication, treated as such

Built for files that matter.

Legal data isn’t SaaS data. We treat your case files, draft notes, and client contacts the way a senior treats a brief: locked, logged, and never seen by anyone who didn’t need to.

AES-256
encryption at rest, managed keys
FIPS 140-2 validated module
TLS 1.3
in transit, HSTS preload
Default for all subdomains
India
primary region — Mumbai
Backup stays in-region
30 days
deletion SLA on closed accounts
Right-to-erasure honoured
Trust marks · verified before launch

Two verifications every chamber asks about — Bar Council enrolment for the advocate, and DPDPA alignment for the data. We check both before you onboard.

Bar Council VerifiedDPDPA CompliantMade in India
01
Region

India, only.

Every database, every file, every AI log sits inside Indian data centres in Mumbai. Backup replication stays inside India too. No data leaves Indian soil — not for a CDN, not for analytics, not for the model.

  • Primary region: Mumbai · India
  • Document vault hosted in India
  • Vector search hosted alongside the database
  • Sessions and rate limits stay in-region
02
Encryption

AES-256 at rest. TLS 1.3 in transit.

Document files, database columns, audit logs, and backups are encrypted at rest with AES-256. Every connection — UI, API, mobile — is TLS 1.3 only, with HSTS and certificate pinning for the mobile clients.

  • Managed customer master keys, per firm
  • Per-firm key rotation on a 90-day schedule
  • TLS 1.3, HSTS preload, certificate pinning
  • Backups encrypted, 30-day point-in-time recovery
03
Your data, your model

VakeelBrain never trains on you.

We have written zero-data-retention agreements with our LLM providers. Your prompts and uploaded case files are isolated, never logged for training, and never shared across firms. The model is a cost line — your work is the moat.

  • Zero-retention contract with Anthropic
  • Per-firm tenant isolation in vector store
  • Prompts redacted before any error telemetry
  • Opt-out of model improvement is the default
04
Compliance

DPDPA-aligned. DPA on request.

VakeelOS is built to the Digital Personal Data Protection Act, 2023. We provide a Data Processing Agreement on request, run quarterly penetration tests, and publish a deletion SLA. Privileged communication is treated as a first-class category.

  • DPA available for Firm and Enterprise plans
  • Annual penetration test by an empanelled CERT-In firm
  • Right-to-erasure honoured within 30 days
  • Sub-processor list published and notified before changes
The practical layer

Day-to-day controls, no checklist theatre.

Compliance posture is one thing. The other is what your senior junior actually touches at 4 PM. These are the controls that keep a chamber tidy.

OTP & SSO sign-in

OTP over Indian phone via Clerk. SAML SSO for Enterprise. No password resets to lose.

Granular role permissions

Senior, junior, clerk, accountant. Roles map to per-case visibility, not just module flags.

Tamper-evident audit log

Every read, edit, draft, send, payment status — appended to a per-firm audit trail.

Single-tenant on Enterprise

Dedicated database, dedicated document storage, optional private network peering for in-house teams.

“A clerk’s memory is the original audit log. Ours just doesn’t walk out at five o’clock.”

— Founding principle

Enterprise · single-tenant deployments

Need a custom DPA, private network peering, or on-premise?

Our security team will walk a corporate panel through architecture, audit logs, sub-processor lists, and the deletion SLA — on a call, in writing, before you sign.