Deal materials are the most sensitive data class there is — unreleased code, and the existence of the deal itself. The architecture starts from that fact. Everything on this page is documented, auditable, and part of the security review pack.
Every AI feature — scanning synthesis, IP clause analysis, report narrative — runs inside our private environment, in the region that holds your deal. Your materials are never sent to AI vendors and are never used for training. Details are in the security review pack.
Amsterdam. Sovereign hosting with EU-controlled managed services; the home region of the platform and of Codekeeper B.V.
Virginia. Fully isolated US environment for US-law deals — same architecture, same controls, US-resident data.
UK (London) and other jurisdictions with in-region inference support, provisioned per deal on request — the same architecture and controls, stood up in the region your deal requires.
Every permission decision is evaluated per deal, per role, per stage — and enforced a second time at the database layer with row-level security.
TLS 1.3 in transit, AES-256 at rest. Deposits are envelope-encrypted with per-deal data keys held in a KMS/HSM in the deal’s region.
All code handling — clone, build, scan — runs in ephemeral micro-VMs with no network egress. Outputs leave only through the findings contract.
Sealed snapshots and IP Packages sit under object lock in separate storage accounts — immutable for the full retention term, by construction.
An append-only event log per deal. Any tampering breaks the chain; the chain is part of what gets sealed at closing.
Production access uses short-lived credentials and hardware keys. Support access to deal materials requires two people — and shows up in your audit log.
Each deal carries an append-only, hash-chained event log — every view, download, sync, scan, and sign-off. Counsel can export it; disputes can rely on it. Even our own support access is dual-controlled and appears in your log.
Codekeeper is ISO 27001 certified, and Transaction Services runs on the same information-security management system. Deal materials are handled to GDPR standards, with processing kept in your deal's region — supporting the frameworks your compliance team reports against.
The review pack answers the questionnaire before it's sent.