Security & data handling

Tertius sells a number people rely on, so this page is written the way the rest of the site is written: what the product actually does, stated plainly, with planned work labeled as planned.

Your data never trains the shared model

The production model is trained exclusively on public federal court records (the Federal Judicial Center's Integrated Database — roughly 9.1 million civil cases). No customer case data is in it. Outcomes you record are used for exactly two things: scoring Tertius's accuracy on your own book, and counting toward clearly-labeled future recalibration milestones. Captions, parties, and amounts are never shared across customers.

Per-organization isolation

Every record hangs off your organization. Access is authenticated with per-organization API keys, and every API endpoint enforces org scoping — one organization cannot read, list, or infer another organization's cases, forecasts, or outcomes.

Deployment options

Data is stored in a database (SQLite or Postgres) controlled by the deployment. For customers who require it, Tertius is available as a single-tenant deployment: your instance, your database, no co-tenants. Hosted demos can additionally sit behind an HTTP basic-auth gate.

Encryption in transit

All traffic to hosted instances is encrypted in transit with TLS.

Retention and deletion

Retention is configurable per organization (a retention-days setting on your org). Deleting a portfolio is real and immediate — it removes the cases and their recorded outcomes, not just a flag. See the privacy policy for the full deletion picture.

Provenance and auditability

Every forecast is version-stamped with the model that produced it and is reproducible byte-for-byte. An audit log records account activity on paid plans.

Roadmap — stated as roadmap

We don't claim certifications we don't hold. The following are planned, not current:

  • Roadmap: SOC 2 Type II — we do not currently hold a SOC 2 report and do not claim one. It is on the roadmap, gated on customer demand; single-tenant deployment is the available control today.
  • Roadmap: SSO / SAML — planned as an Enterprise feature. Authentication today is per-organization API keys.
  • Roadmap: Encryption-at-rest attestation for hosted multi-tenant instances — available today by deployment configuration; formal attestation is roadmap.

Questions a security review needs answered — data flows, deployment architecture, subprocessors — are handled directly during diligence. See also the privacy policy and terms of service.