Privacy first

Built for lawyers who handle the most sensitive information. Your client data stays yours.

What we access

  • Email subject line
  • Sender and recipient email addresses
  • Date and time sent

What we never access

  • Email body content
  • Attachments or documents
  • Email threads or conversation history
  • Contacts beyond what's in your PMS

How we protect your data

  • Email metadata purged within 7 days of processing
  • All infrastructure hosted in Australia (GCP Sydney + AWS Sydney)
  • OAuth tokens encrypted with AES-256 at rest
  • LEAP and Clio are the source of truth. We store nothing long-term
  • Compliant with Australian Privacy Principles (APPs)
  • Message IDs stored as SHA-256 hashes only (for deduplication)
  • Auto-submit requires high confidence match. Nothing is billed without verification

Cloud AI matching

By default, MatterFile matches emails using Google Gemini via Vertex AI, hosted in the australia-southeast1 (Sydney) region. Here is exactly what happens with your data.

Zero data retention

We configure Vertex AI with zero data retention at the project level. In-memory caching is disabled. Abuse monitoring prompt logging is opted out. Your prompts and responses exist only for the duration of the API call, then they are gone.

No training on your data

Google contractually guarantees that your data will not be used to train or fine-tune any AI models. This applies to all managed models on Vertex AI and is part of the Google Cloud Platform Terms of Service.

Australian data residency

All data at rest is stored in the australia-southeast1 (Sydney) region. Google provides contractual data residency guarantees for data stored at rest in your selected location.

What the AI sees

Sent to Gemini

  • Email subject line
  • Sender and recipient email addresses
  • Contact names from your PMS
  • Matter descriptions from your PMS

Never sent to any AI

  • Email body or content
  • Attachments or files
  • Full conversation threads
  • OAuth tokens or credentials

Private AI

For firms that require complete data sovereignty, we offer a fully private AI instance. All matching runs on your own infrastructure. Zero data touches any external service.

Enquire About Private AI
  • Dedicated server on your network or private cloud
  • Zero data leaves your infrastructure
  • We install, configure, and maintain everything
  • Uses open-source Qwen3 model. No cloud API dependency
  • Meets the strictest AU privacy and compliance requirements