Trust Center
Commercial trust docs, in one place
This is the current source of truth for LegalKit’s public security posture, subprocessor list, data-processing summary, and responsible AI controls.
Last updated: March 9, 2026
Security
Current controls, limitations, and how LegalKit handles platform security today.
Subprocessors
Core and optional vendors that may process customer data for LegalKit features.
Data Processing
Controller/processor roles, transfer posture, and how to request a signed DPA.
Responsible AI
Where AI is used, where it is not, and why human review is required before publishing.
Important limits
- Generated policies are templates and should be reviewed before publication.
- AI agents should stay in draft mode unless a human explicitly confirms publication.
- For regulated or unusual use cases, attorney review is still the right bar.