How CruxChat protects attorney-client privilege by design
Your data is yours. We couldn't read it even if we wanted to.
By default, CruxChat doesn't store your data. When you record and process a conversation, your reports are delivered directly to your browser. All audio, transcripts, and summaries are then wiped from our servers.
If you choose to save to the cloud — for example, to share reports with colleagues or to use features like CruxIntel — you provide a passphrase that only you know. All encryption and decryption happens on your device. The passphrase never leaves your computer. Your data is encrypted before it ever reaches our servers.
CruxChat cannot decrypt your data. There is no backdoor, no admin override, no "break glass" access. That's what zero-knowledge architecture means in practice: even the company that built the product cannot read your data.
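The save-to-cloud path described above, sketched as an added example that is not CruxChat's code: the passphrase is stretched into a key on the device, and only salt, IV and ciphertext would be uploaded. The page does not name its key-derivation function, cipher or parameters, so PBKDF2-SHA256 at 600,000 iterations, AES-256-GCM via WebCrypto, and the names `sealReport` and `openReport` are assumptions.

```javascript
// Added illustration, not CruxChat's implementation. KDF, cipher, parameters and names are assumed.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto; // browser or Node
const enc = new TextEncoder();
const PBKDF2_ITERATIONS = 600000; // assumed work factor
const SAMPLE = 'Constructed sample report: filing deadline discussed at 14:02';

// Stretch the passphrase into a non-extractable AES-256-GCM key, entirely on the device.
async function deriveKey(passphrase, salt) {
  const material = await wc.subtle.importKey(
    'raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: PBKDF2_ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Returns the only object that would be uploaded: no passphrase, no key, no plaintext.
async function sealReport(passphrase, plaintext) {
  const salt = wc.getRandomValues(new Uint8Array(16)); // fresh per report
  const iv = wc.getRandomValues(new Uint8Array(12));   // never reused with the same key
  const key = await deriveKey(passphrase, salt);
  const ciphertext = new Uint8Array(
    await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, enc.encode(plaintext)));
  return { salt, iv, ciphertext };
}

// Runs on the passphrase holder's device; rejects on a wrong passphrase or altered data.
async function openReport(passphrase, { salt, iv, ciphertext }) {
  const key = await deriveKey(passphrase, salt);
  const plain = await wc.subtle.decrypt({ name: 'AES-GCM', iv }, key, ciphertext);
  return new TextDecoder().decode(plain);
}

// Round trip, then the two failure modes a server without the passphrase runs into.
async function demo() {
  const envelope = await sealReport('correct horse battery staple', SAMPLE);
  const roundTrip = await openReport('correct horse battery staple', envelope);
  const outcome = (p) => p.then(() => 'decrypted', () => 'rejected');
  const wrong = await outcome(openReport('not the passphrase', envelope));
  const tampered = { ...envelope, ciphertext: envelope.ciphertext.slice() };
  tampered.ciphertext[0] ^= 1; // flip one stored bit
  const tamper = await outcome(openReport('correct horse battery staple', tampered));
  return { envelope, roundTrip, wrong, tamper };
}

demo().then((r) => console.log(r.roundTrip, r.wrong, r.tamper));
```

Losing the passphrase in a design like this means the stored envelope cannot be recovered by anyone, the provider included.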
What happens at every step — and what doesn't.
You record a conversation on your device.
Audio is encrypted and transmitted to our processing pipeline.
Transcription is performed by AssemblyAI, operating under a signed Business Associate Agreement.
Summaries are generated by Anthropic's Claude, operating under a signed Business Associate Agreement.
Your role-specific reports are delivered directly to your browser.
All audio, transcripts, and summaries associated with this request are wiped from our servers.
You decide what to keep. You might save to share reports with associates, leverage CruxIntel analysis, or access your work across devices. If you save, you set a passphrase. Encryption happens on your device before data is transmitted — the passphrase never leaves your computer. Audio, transcripts, and summaries can each be retained or deleted independently.
CruxChat is not an archival solution. For long-term retention, you can download your artifacts in cleartext to your local system and manage them through your firm's existing archival processes.
We name our vendors because transparency is the point.
CruxChat integrates with industry-leading AI providers — each selected for quality, security, and the ability to operate under healthcare-grade data agreements.
No other third parties touch your conversation data. CruxChat's architecture is designed so that as these providers advance, your results improve without compromising your security posture. This is how we deliver state-of-the-art results even as the state-of-the-art shifts.
We treat access to this platform as seriously as you treat access to client data.
Every CruxChat account is manually reviewed and approved. There is no self-service signup. We verify that account email addresses match the firm's domain, and only individuals explicitly authorized are granted access. We are protective of our infrastructure because we take the security of our platform as seriously as you take the security of your client relationships.
How CruxChat maps to the duties Opinion 512 asks you to manage.
Every point in every summary links to the specific transcript lines where it was discussed. Attorneys can verify any extracted fact, deadline, or action item with a single click. The tool is explainable because every output traces to what was actually said.
Zero-knowledge architecture with passphrase encryption. Business Associate Agreements with all data processors. Server-side data wiped after delivery. No data used for AI training. Cloud storage is optional, encrypted, and accessible only by the user.
All sharing is explicit and attorney-initiated. Nothing is distributed automatically — the attorney decides what to share, with whom, and when. Traceability enables supervisors to verify the basis for any extracted item before it's shared.
Client summaries are generated in plain English to support clear communication. The tool increases throughput — helping firms handle more matters efficiently rather than inflating hours on existing ones.
CruxChat doesn't create records you didn't choose to keep.