Zero data retention in the processing layer
Client data submitted for processing is handled statelessly and purged within 24 hours.
Security & Compliance
Security is foundational, not optional.
Enterprise-grade protection for case data, from day one. SOC 2 compliant. Zero data retention in the processing layer. No model training. Encrypted at rest and in transit.
Security Posture
How we protect client data.
The Secure Sandbox
OnTrial operates within a segregated enterprise environment rather than consumer-grade tools — serving as a technical fiduciary for client data.
No model training
Your case data is never used to train, tune, or improve foundation models.
Encryption at rest and in transit
All data uses industry-standard encryption protocols across transit, storage, and processing stages.
Data Architecture
How data flows — and where it doesn't stay.
Defined sub-processor ecosystem
Every authorized platform handling client data is documented and governed by enterprise agreements with explicit security standards.
24-hour purge cycle
All transient data — input artifacts, intermediate processing files, and generated reports — is automatically purged from the processing environment within 24 hours.
Dual-layer storage
Permanent case files remain in secure, access-controlled infrastructure separate from temporary processing environments.
Access & Governance
- Audit-ready infrastructure with full activity logging
- Role-based access control with granular permissions
- Client data lifecycle management and deletion control
Investigative Compliance
FCRA & GLBA
Licensed investigators & insured agents
CCPA & SB 1454
Human Review on every case