ClausePilot Sub-processor Due Diligence Framework
Last Updated: 23 April, 2026
1. Introduction and Purpose
At ClausePilot, the security of our users' data is paramount. We understand that our users entrust us not only with their information but also with the profound responsibility of preserving client confidentiality and legal professional privilege. This responsibility extends to every third-party vendor, or "Sub-processor," that we engage to deliver our Services.
This Sub-processor Due Diligence Framework ("Framework") provides transparency into the rigorous process we follow to select, onboard, and continuously monitor our Sub-processors. It is designed to answer the critical question: "How do you ensure our confidential data remains safe and protected when handled by your partners?" This Framework should be read in conjunction with our Data Processing Agreement (DPA), Security Policy, and Privacy Policy.
2. Scope
This Framework applies to all third-party entities engaged by ClausePilot that Process User-Generated Content on behalf of our users, as defined in our DPA. A complete and current list of these approved Sub-processors is maintained in Appendix 2 of our DPA.
3. Selection and Onboarding Criteria
Before any Sub-processor is engaged, they must undergo a comprehensive due diligence process to ensure they meet our stringent security, privacy, and ethical standards.
3.1 Minimum Security & Compliance Requirements
Every potential Sub-processor must demonstrate:
- GDPR Compliance: Full adherence to the principles and obligations of the General Data Protection Regulation.
- Industry-Standard Security Certifications: Verifiable, current certifications, such as ISO 27001, SOC 2 Type II, or equivalent industry-recognized standards.
- Mature Security Program: Evidence of a robust internal security program, including vulnerability management, incident response, and employee security training.
3.2 Comprehensive Risk Assessment
Our security and legal teams conduct a thorough risk assessment covering technical, organizational, and legal domains to ensure the Sub-processor’s practices align with our commitments to legal professionals.
4. Mandatory Contractual Safeguards
Our legal agreements with Sub-processors are non-negotiable on critical data protection points. Every Sub-processor that handles User-Generated Content is bound by a GDPR-compliant Data Processing Agreement with ClausePilot that includes the following mandatory safeguards:
4.1 Non-Negotiable Clauses for AI API Providers
- Strict Prohibition on Model Training: A contractual and technical guarantee that User-Generated Content sent for analysis will never be used to train, fine-tune, or otherwise enhance any AI models.
- Zero Data Retention Policy: A binding obligation for the Sub-processor to immediately and permanently purge all User-Generated Content from their systems after the processing required to generate a response is complete.
4.2 Confidentiality and Privilege
All Sub-processor agreements include robust confidentiality clauses designed to protect information in line with the professional secrecy obligations of lawyers and to support the preservation of legal professional privilege.
5. Ongoing Monitoring and Review
Due diligence is a continuous process at ClausePilot. We ensure our Sub-processors maintain their high standards through:
- Annual Security Reviews: We conduct a formal review of each Sub-processor’s security posture and compliance status at least once a year. This includes verifying their certifications and assessing any changes to their security practices.
- Continuous Performance Monitoring: We monitor our Sub-processors for security alerts, service availability, and performance to ensure they consistently meet their contractual obligations.
- Right to Audit: Our agreements include the right for ClausePilot to audit the Sub-processor’s compliance with its contractual data protection obligations.
6. Transparent Sub-processor Management
We are committed to providing our users with full transparency and control over the Sub-processors we use. This process is governed by Section 5 of our DPA.
- Onboarding and Notification: Should we need to add a new Sub-processor, we will provide users with notice, as detailed in our DPA.
- User's Right to Object: As a Data Controller, you have the right to object to the addition of a new Sub-processor. The process for this is clearly defined in Section 5.4 of our DPA.
- Secure Offboarding: When a relationship with a Sub-processor ends, we follow strict offboarding procedures to ensure all access is revoked and any residual ClausePilot data is securely and permanently deleted from their systems in accordance with our agreements.