Built for the compliance bar that is coming.
Pantheon is designed so that ‘move fast’ and ‘stay compliant’ are not a trade-off. Here is exactly how your data is handled, who can do what, and what we record.
Six controls, built in from the start.
Approval built in, not bolted on: what exists, who holds it, where data can go, and what got recorded.
Admin approval gate
No tool runs until compliance approves, configures and grants it. Ungoverned capabilities never reach a lawyer.
state: approved · configured · granted unapproved: does not exist to run Full audit trail
Every run is recorded step by step, with inputs, outputs, costs and approvals. Exportable for your own audits.
record: inputs · outputs · cost · approver exportable: yes Data stays in your environment
Pantheon operates inside your environment. Your documents and matter data do not leave it.
deploy: in-environment documents · matter data: do not leave Egress controls per tool
Each tool carries a data classification and an egress policy. A workflow can only send data where you have allowed it.
classification: per-tool outside boundary: block + log Least-privilege access
Granular grants per team and per person. People and workflows get only the access they need, nothing more.
access: least-privilege granted: per-person · per-team Human-in-the-loop approvals
Insert review gates anywhere, in series or parallel. High-risk steps wait for a person before they proceed.
gate: series · parallel You always know where data went.
Every tool declares how it handles data, and egress controls enforce it at run time. When a workflow would send information outside an approved boundary, it is blocked and logged, not quietly allowed.
- A data classification on every tool
- Egress decisions recorded on every run
- Blocked actions surfaced, never hidden
What your security team gets.
- A written data-handling descriptionPer tool, so your reviewer sees exactly what moves where.
- Our list of sub-processorsWho we rely on and for what.
- SOC 2 status and roadmapWhere we stand today, in writing.
- A walkthrough with our teamA live session for your security and procurement leads.
Leave your work email and we will send the data-handling description, sub-processor list and current SOC 2 roadmap, then set up a walkthrough with your team.
ISSUED TO YOUR WORK EMAIL · WALKTHROUGH SCHEDULED WITH YOUR TEAM
The answers your security team will ask for.
RFI-01Do you train models on our data?
RFI-02Where is our data stored?
RFI-03Can we use our own model keys or self-host?
RFI-04What happens in an incident?
Give your security team less to worry about.
Join a small cohort of legal teams shaping Pantheon before general availability.
EVERY TOOL APPROVED · EVERY RUN AUDITED · DATA STAYS IN YOUR ENVIRONMENT