DWG PN-200 / TRUST CENTER

Built for the compliance bar that is coming.

Pantheon is designed so that ‘move fast’ and ‘stay compliant’ are not a trade-off. Here is exactly how your data is handled, who can do what, and what we record.

SHEET 02 / CONTROL SPECIFICATION

Six controls, built in from the start.

Approval built in, not bolted on: what exists, who holds it, where data can go, and what got recorded.

CONTROL SCHEDULE · SIX ITEMS DWG NO. PN-200
Item Control Specification
CTRL-01

Admin approval gate

No tool runs until compliance approves, configures and grants it. Ungoverned capabilities never reach a lawyer.

state: approved · configured · granted unapproved: does not exist to run
CTRL-02

Full audit trail

Every run is recorded step by step, with inputs, outputs, costs and approvals. Exportable for your own audits.

record: inputs · outputs · cost · approver exportable: yes
CTRL-03

Data stays in your environment

Pantheon operates inside your environment. Your documents and matter data do not leave it.

deploy: in-environment documents · matter data: do not leave
CTRL-04

Egress controls per tool

Each tool carries a data classification and an egress policy. A workflow can only send data where you have allowed it.

classification: per-tool outside boundary: block + log
CTRL-05

Least-privilege access

Granular grants per team and per person. People and workflows get only the access they need, nothing more.

access: least-privilege granted: per-person · per-team
CTRL-06

Human-in-the-loop approvals

Insert review gates anywhere, in series or parallel. High-risk steps wait for a person before they proceed.

Hold point gate: series · parallel
NOTE: ENFORCED BY THE PLATFORM ON EVERY RUN, NOT WRITTEN IN A POLICY.
WHERE WE STAND TODAY
Encryption in transit and at rest SOC 2 Data stays in your environment Human-in-the-loop approvals ISO 42001 aligned (in progress)
SHEET 03 / EGRESS CHECK

You always know where data went.

DETAIL / RUN-TIME ENFORCEMENT

Every tool declares how it handles data, and egress controls enforce it at run time. When a workflow would send information outside an approved boundary, it is blocked and logged, not quietly allowed.

  • A data classification on every tool
  • Egress decisions recorded on every run
  • Blocked actions surfaced, never hidden
Egress check enforced
Redline vs playbookstays in your environment approved
Send to owner (Outlook)approved recipient domain approved
External web searchwould leave your environment blocked
DWG NO. PN-200EGRESS: BLOCK + LOG
SHEET 04 / ISSUED TO REVIEWER

What your security team gets.

  • A written data-handling descriptionPer tool, so your reviewer sees exactly what moves where.
  • Our list of sub-processorsWho we rely on and for what.
  • SOC 2 status and roadmapWhere we stand today, in writing.
  • A walkthrough with our teamA live session for your security and procurement leads.
OVERVIEW REQUESTPN-200

Leave your work email and we will send the data-handling description, sub-processor list and current SOC 2 roadmap, then set up a walkthrough with your team.

ISSUED TO YOUR WORK EMAIL · WALKTHROUGH SCHEDULED WITH YOUR TEAM

SHEET 05 / RFI REGISTER

The answers your security team will ask for.

RFI-01Do you train models on our data?
No. Your data is used to run your workflows, not to train models.
RFI-02Where is our data stored?
Inside your environment. Pantheon is deployed so that your documents and matter data stay under your control.
RFI-03Can we use our own model keys or self-host?
That is exactly the kind of arrangement we set up with design partners. Talk to us about your requirements.
RFI-04What happens in an incident?
We follow a documented response process and notify you promptly. Full run logs make the scope of any issue clear.
SHEET 06 / ISSUE FOR REVIEW

Give your security team less to worry about.

Join a small cohort of legal teams shaping Pantheon before general availability.

EVERY TOOL APPROVED · EVERY RUN AUDITED · DATA STAYS IN YOUR ENVIRONMENT