Built for legal teams who take confidentiality seriously

TwinCounsel is designed from the ground up to protect attorney-client privilege and meet the strictest data security standards.

๐Ÿ”’

Read-only access

TwinCounsel only reads your emails. We never send messages, modify content, or take actions on your behalf. You remain in complete control.

๐Ÿ›๏ธ

US data centers

All data is stored and processed exclusively in US-based data centers operated by AWS. Your client information never leaves the country.

๐Ÿ›ก๏ธ

Designed for SOC 2 & ISO 27001

Our infrastructure is built to meet SOC 2 Type II and ISO 27001 security standards, with certification in progress.

๐Ÿ”

Encryption everywhere

Bank-grade AES-256 encryption for data at rest and TLS 1.3 for data in transit. Your communications are protected at every step.

How We Protect Your Data

Email access

  • Read-only OAuth access to Gmail/Google Workspace and Microsoft 365
  • We cannot send emails on your behalf
  • We cannot delete or modify your emails
  • Access can be revoked instantly from your email provider settings

Data handling

  • Data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Processed and stored exclusively in US data centers
  • Regular third-party security audits
  • Automatic data deletion upon account cancellation

Employee access

  • No routine human access to your email content
  • All access is logged and monitored
  • Background checks for all employees
  • Strict need-to-know access policies

Ethics & Compliance

We've consulted with legal ethics experts to ensure TwinCounsel can be used responsibly within professional conduct rules, including guidance from ABA Formal Opinion 512 on generative AI.

Attorney-client privilege: TwinCounsel operates as a tool under the attorney's supervision. Information processed by TwinCounsel maintains its privileged status, similar to other practice management software.

Duty of competence: Using AI appropriately can actually help attorneys meet their duty of competence by enabling more thorough case preparation and reducing the risk of missed deadlines. ABA Formal Opinion 512 affirms that lawyers must understand the capabilities and limitations of AI tools they use.

Duty of confidentiality: Our security measures are designed to protect client confidentiality to the same or higher standard as other legal technology tools. Per ABA Formal Opinion 512, we do not use your data to train AI models.

We recommend attorneys review their state bar's guidance on technology use and make informed decisions about AI tools in their practice.

Your Rights

Data portability

Export all your data at any time in standard formats.

Right to deletion

Request complete deletion of your data within 30 days.

Access control

Revoke our email access instantly through your email provider settings.

Transparency

Review our privacy policy and data practices anytime.

Security FAQ

Can your employees see my client emails?

No. Our systems process your emails automatically, but human employees do not have routine access to email content. The rare exceptions (debugging with explicit permission) are logged and audited.

What happens if TwinCounsel is breached?

In the unlikely event of a security incident, we maintain incident response procedures including prompt notification to affected users, investigation, and remediation. We conduct regular security testing and maintain comprehensive incident response planning.

How do I delete my data?

You'll be able to request data deletion at any time through your account settings or by contacting support@twincounsel.com. We will delete all your data within 30 days of your request.

Do you sell my data to third parties?

Absolutely not. We do not sell, share, or monetize your data in any way. Your information is used solely to provide the TwinCounsel service.

Is using TwinCounsel ethically permissible?

Yes, when used appropriately. AI tools like TwinCounsel are similar to other legal technology โ€” they're tools that attorneys supervise and remain responsible for. We recommend reviewing your state bar's guidance on technology use.

Ready to learn more?

See TwinCounsel in action and learn how we protect your data.