AT A GLANCE
The key facts
HOSTING
Client matter content and workspace data sit on Google Cloud in the Zurich region (europe-west6). Encrypted at rest (AES-256) and in transit (TLS 1.2+).
AI INFERENCE
Prompts and document text are routed exclusively to EU/CH regions: Google Vertex AI in Belgium, and Microsoft Azure OpenAI in Switzerland North and Sweden Central. No inference in the US.
AI TRAINING
Customer data is not used to train or fine-tune AI models, neither by CASUS nor by the model providers we use. Zero-data-retention is agreed with all LLM providers.
ZERO DATA RETENTION
Vertex AI (Google) does not retain data beyond the request. For Azure OpenAI, CASUS has obtained an opt-out from abuse monitoring: no 30-day buffer, no human review by Microsoft.
ATTORNEY-CLIENT PRIVILEGE
CASUS and its staff act as Hilfspersonen des Anwalts (auxiliary persons of the lawyer) and are bound by professional secrecy under Art. 321 of the Swiss Criminal Code. Written confirmation is available to law firms on request.
LEGAL FRAMEWORK
Swiss revFADP and EU GDPR. Third-country transfers for operational services are covered by EU Standard Contractual Clauses with the Swiss addendum.
SUBPROCESSORS
The full list is published in our Trust Center.
Your data. Our promise.
Four commitments, contractually anchored.
No use for AI training
Client matter content and AI inputs and outputs are not used to train or fine-tune AI models. Contractually guaranteed by CASUS and through enterprise agreements with Google Cloud and Microsoft Azure.
No processing in third countries
Client matter content is processed exclusively in Switzerland and the European Economic Area. No data export to the US or other third countries.
No third-party access
No staff of the cloud providers we use have access to client matter content. Microsoft Azure abuse monitoring is disabled for CASUS (no human review).
No co-mingling of matters
Data is processed under strict matter separation and is never accessible to other customers.
Compliance
GDPR
revFADP
ART. 321
SCC
AUXILIARY
Attorney-Client Privilege
PROFESSIONAL SECRECY
Attorney-client privilege – preserved at all times
•
Attorney-client privilege under Art. 321 of the Swiss Criminal Code protects all information entrusted to a lawyer in the course of their professional activity. The protection applies without time limit and extends not only to the lawyers themselves, but also to their auxiliary persons (Hilfspersonen).
•
When processing client matter content, CASUS and its staff act as such auxiliary persons. They are therefore subject to the same criminally enforced duty of confidentiality as the lawyers they support. This obligation is anchored in their employment contracts, applies without time limit, and continues to apply after the end of employment. All subprocessors we engage are contractually bound by the same duty.
•
Auxiliary-person status is not merely a contractual construct; it shapes how CASUS is organised in practice: access to client matter content is limited to the technical minimum, staff receive professional-secrecy training, and all processes are designed so that the lawyer's duty of confidentiality is preserved at all times.
•
Law firms can request written declaration of auxiliary-person status at any time.
ZERO DATA RETENTION
No retention, no training
CASUS applies a consistent zero-data-retention approach across all AI models in use. Client matter content and AI outputs are not used to train or improve AI models, neither by CASUS nor by our AI subprocessors Google Cloud Vertex AI and Microsoft Azure OpenAI.
Client matter content is stored on Google Cloud in Switzerland. For AI processing, text is transmitted exclusively to EU/CH locations: Google Cloud Vertex AI in Belgium, and Microsoft Azure OpenAI in Switzerland North and Sweden Central. All transfers are encrypted.
FREQUENTLY ASKED QUESTIONS
FAQs
Is CASUS GDPR- and FADP-compliant?
How safe is confidential client and company data with CASUS?
Does using CASUS breach attorney-client privilege or professional secrecy?
Is my data used to train AI models?
What data do the connected AI models (LLMs) store?
Why is CASUS safer than public AI tools like ChatGPT?
How does CASUS prevent shadow IT in firms and companies?
Is my data transferred to the US?
Where can I find detailed information about CASUS IT security?
PRIVACY POLICY
Effective 1 April 2026
CASUS is a Swiss legal-tech platform. We help legal teams draft, review and manage documents with the support of Large Language Models (LLMs). Because you entrust us with sensitive documents, privacy is not an afterthought — it is a design constraint.
Who we are. CASUS Technologies AG, Uraniastrasse 31, 8001 Zurich, Switzerland. Contact for privacy matters: contact@getcasus.com.
What we process. Your account data (name, email, company, role), documents you upload, the prompts and instructions you send to our AI features, billing data, and technical data such as IP address and browser information.
Where your documents live. Customer documents and workspace data are stored on Google Cloud infrastructure in Switzerland. When you use AI features, document text and prompts are transmitted to Google Cloud (Vertex AI) in Belgium and to Microsoft Azure OpenAI in Switzerland and Sweden for inference. All transfers happen over encrypted channels.
AI and your documents. We use third-party LLMs (via Google Cloud Vertex AI and Microsoft Azure OpenAI) to power contract analysis and drafting. We do not use your documents to train AI models, and our enterprise agreements with Google and Microsoft prohibit them from doing so either. AI output can contain errors — please keep a human lawyer in the loop.
Who else sees your data. A small number of carefully selected service providers (listed in full in Section 10): payments (Stripe), support chat (Intercom), scheduling (Calendly), website analytics, and internal tools such as our CRM. None of them use your data for their own purposes.
Your rights. You can access, correct, delete, export, restrict or object to the processing of your personal data, and withdraw consent at any time. Write to contact@getcasus.com
Laws that apply. The Swiss Federal Act on Data Protection (FADP / revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR). This policy is written to satisfy both.
TERMS OF SERVICE
At a glance
Who we are. CASUS Technologies AG, Uraniastrasse 31, 8001 Zurich, Switzerland. Contact: contact@getcasus.com.
Who these Terms bind. You are our contracting party as "Customer". The Customer can be a natural person subscribing in their own name (typically via our self-service sign-up) or an organisation such as a law firm, company or public institution. Where the Customer is an organisation, the individuals who log in ("Users") access the Service under the organisation's account. Where the Customer is a natural person, that person is both the Customer and the User.
What we offer. CASUS is an AI-powered legal productivity platform — a web application plus a Microsoft Word Add-in — designed for trained legal professionals to draft, review and work on documents.
AI is a draft tool, not a lawyer. Our AI features produce drafts and suggestions. Outputs are probabilistic and may be incomplete or inaccurate. You review and verify before relying on them.
Your data stays yours. You own what you upload and what the AI generates from it. We do not use Customer Data to train AI models. Details are in our Privacy Policy and our Trust Center at trust.getcasus.com.
Attorney-client privilege. For customers who are law firms, CASUS and its staff act as Hilfspersonen des Anwalts under Art. 321 of the Swiss Criminal Code — strict professional secrecy applies.
Free trial. 14 days free, no auto-conversion to a paid plan. If you do not subscribe, access ends.
Swiss law, Zurich courts. Swiss law applies. Disputes go to the ordinary courts of Zurich.
