privacy manifesto

your draft is none of our business — except enough of it to mark the cites.

Most legal-tech tools route your document through a server. They have to — that's where the model lives, or the database, or the "secure cloud." Veraciting was built around a different floor: nothing leaves your machine. Not the document. Not the cites. Not the verification queries. Nothing.

commitments

things we never do.

These aren't aspirations or feature roadmaps. They are architectural facts about how Veraciting is built. The product would have to be redesigned to do any of these.

send your document text to a server (any server, ours or otherwise)
train a model on your briefs, drafts, or marked cites
require a sign-in to open a document or run a scan
phone home with case names, party names, or client identifiers
retain a transcript of what you asked us to verify
share, sell, or license any per-user analytics
include third-party analytics SDKs in the add-in
use cookies on this website to fingerprint or remarket

how it actually works

what runs where.

A complete map of every data flow in the product. We've kept it short because there isn't much to say.

on your machine

cite detection

The pattern matchers that recognize case names, reporter cites, statutes, and regulations run entirely inside the add-in's JavaScript context — inside Word, on your computer.

on your machine

verification lookups

v1.5 resolves cites against a local index file (~12 MB compressed) stored in browser-local storage. No verification query ever leaves your laptop.

on your machine

TOA insertion

The table is inserted using Word's native field machinery, locally, the same way Word's built-in tools work. We're not in between.

over the network

index updates

Once a quarter (or on your schedule), Veraciting downloads a new compressed index from a static CDN. The download is a single file with a known SHA-256. We don't see your machine; we serve the same file to everyone.

over the network

license check

Once a month, the add-in confirms your license is active by sending a single license key to licenses.veraciting.com. The response is yes/no. No document content; no cite content.

opt-in only

crash diagnostics

Off by default. If you turn it on in Settings, we receive crash stack traces (no document content, no cite content) so we can fix the bug that crashed your add-in.

what's stored locally

three small files. all on your computer.

~12 MB

the verification index

Compressed indexes of reporters, codes, regs, and agency precedent. Refreshed quarterly by default. You can delete and re-download anytime from Settings.

~30 KB

your preferences

Citation style, jurisdictions, hyperlink rules, namespace, telemetry opt-in. Lives in browser-local storage. Cleared when you uninstall.

per document

your marks

Cite marks live inside the .docx file you saved — as Word bookmarks under the veraciting_TA_ prefix. They travel with the document. If you uninstall, the marks stay; they're just Word bookmarks.

privilege & work product

we're not a third party to your file.

The lawyer who built this is also a working attorney. The minute a draft brief crosses the network to a vendor, attorney-client privilege gets complicated, and work-product doctrine starts to get litigated. Veraciting was built so that question never has to be asked.

A defensible answer to "where does your draft go when you use Veraciting?" is: nowhere. The same place it lived before you installed the add-in. Your laptop.

compare

tool type	draft leaves machine?
chatbot cite-check	yes — every prompt
cloud SaaS TOA tools	yes — on upload
Westlaw / Lexis (legacy)	queries do
Veraciting	no

court hyperlink rules

where permitted. never where forbidden.

Some courts welcome hyperlinked citations; some are silent; one — the Federal Circuit — explicitly directs counsel not to hyperlink appendix cites. Veraciting reads each court's local rules and chooses the right behavior, by default.

court	hyperlinks in TOA	Veraciting default
Supreme Court of the United States	permitted	on
Federal Circuit (CAFC)	forbidden for appendix cites	off for appendix · on for cases
2d, 9th, D.C. Circuits	permitted	on
state appellate (most)	permitted; sometimes encouraged	on
EOIR / BIA briefs	silent · convention is plain	off

defaults are configurable in Settings · always overridable per-document

security posture

small surface, small attack surface.

A Word add-in that doesn't send data over the network is hard to exfiltrate from. Most of what would constitute "security" for a cloud SaaS is moot here — there's no cloud.

signed add-in package; verified by Microsoft AppSource at install
index downloads served from CDN with integrity hashes (SRI)
license key calls over TLS 1.3 only · no fallback
no third-party SDKs in the add-in package
open vulnerability disclosure: [email protected]

What about Microsoft? The add-in runs inside Word, which is a Microsoft product. Word may have its own telemetry — that's between you and Microsoft. Veraciting doesn't add to it.

What about your law firm's IT? Veraciting can be deployed via Microsoft 365 Admin Center for centralized rollout. The add-in's network behavior is documented for IT teams who need to whitelist licenses.veraciting.com and cdn.veraciting.com.

your brief, your machine, your file.

Install Veraciting and the only thing that changes is how long it takes to build the table.

Install Veraciting Who built this →