Your data is protected.
ICO Registered
CaseFlow Automation Ltd is registered with the UK Information Commissioner's Office (Registration: ZC013423). All processing follows UK GDPR principles, with data minimisation and purpose limitation built into every product.
How we protect your data
Secure Authentication
Email verification, strong password policies, and leaked password protection (HIBP) on every account across the CaseFlow family.
Data Isolation
Row-level security ensures each firm's data is fully isolated. No customer ever sees another customer's records.
PII Redaction Gateway
Personal identifiers are automatically masked before any text reaches an AI provider. Privacy by design, not by promise.
UK GDPR Compliant
Built around UK GDPR principles: lawful basis, data minimisation, purpose limitation, and robust technical safeguards.
Document Handling by Design
For most workflows, PDFs and case files are parsed in the browser and only redacted text is sent for processing. Where a product must return a PDF output (for example LegalDocs Assist Medical Pagination, which produces a paginated bundle), source files are uploaded over an encrypted channel into an isolated, access-controlled workspace, processed, and the originals are deleted on completion.
Role-Based Access Control
Granular permissions ensure team members only access what they need. Managers oversee their team, while handlers focus on their cases.
- Manager and senior dashboards
- Handler-scoped case access
- Invite-only registration
Security features
- Encrypted data at rest and in transit
- Secure invite-only registration
- Automatic PII masking before AI processing
- AI providers do not train on your data
- Compromised password detection (HIBP)
- Audit logging for compliance