Susan was built from the ground up around a single principle: the only safe place for your clients' confidential information is your own building.
Cloud AI tools are powerful. They are also a serious compliance risk for solicitors. Here's why.
The SRA expects solicitors to understand exactly where client data goes when they use AI tools. Using ChatGPT or Microsoft Copilot to draft documents means data is sent to and potentially retained by a third-party US company. SRA Principle 6 (confidentiality) applies regardless of which tool you used.
Under GDPR, any third party that processes personal data on your behalf is a data processor. Article 28 requires a written Data Processing Agreement with each processor. Every cloud AI tool that touches your clients' data is a processor — you need a DPA with each of them.
If your AI provider suffers a data breach, your clients' information may be exposed — and the ICO may still regard your firm as the controller. Even with a DPA in place, a breach involving client files is a reportable incident. Firms that fed client data into AI tools without safeguards have faced regulatory scrutiny.
The AI runs on your dedicated server. The database runs on your dedicated server. Whether that server is in your office or a UK data centre you control, the data never reaches a shared cloud infrastructure.
The language model runs on a GPU server you control — your office or a UK-hosted dedicated instance — using Ollama. AI inference happens entirely on your own hardware. No API call to OpenAI, no data sent to Anthropic, no query logged by Microsoft.
All matter data, contact records, documents, and time entries are stored in a PostgreSQL database running in Docker on your own server. We use Supabase's self-hosted stack — but in this deployment, that self-hosted stack never connects to Supabase's own cloud infrastructure.
After the initial setup — which downloads the AI model over the internet once — Susan makes no outbound connections for AI processing. The model runs entirely on your own server. No external AI API is ever called, regardless of whether your server is in your office or a UK data centre.
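The two claims above (inference and the database stay on your host; nothing calls out after the one-time model download) are the kind of thing a firm's IT staff or COLP can verify rather than take on trust. The POSIX shell audit below is an added illustration, not code from Susan or its vendor. It flags services listening on every interface and established connections to public addresses. The `ss` lines in it are constructed sample data, not output from a real deployment; 11434 is Ollama's default port and 5432 PostgreSQL's, while the "kong" gateway on port 8000 and the process names are assumptions.

```shell
#!/bin/sh
# Added example: audit a self-hosted AI/database host for exposed listeners
# and for connections to public addresses. Not part of Susan; the `ss` lines
# below are constructed sample data, not output from a real deployment.

# Constructed sample of `ss -Htlnp` (listening TCP sockets, no header).
# 11434 is Ollama's default port and 5432 PostgreSQL's; "kong" on 8000 stands
# in for the self-hosted Supabase API gateway and is an assumption.
SAMPLE_LISTEN='LISTEN 0 4096 127.0.0.1:11434 0.0.0.0:* users:(("ollama",pid=1201,fd=3))
LISTEN 0 4096 0.0.0.0:5432 0.0.0.0:* users:(("postgres",pid=1340,fd=7))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=800,fd=3))
LISTEN 0 4096 127.0.0.1:8000 0.0.0.0:* users:(("kong",pid=1500,fd=9))'

# Constructed sample of `ss -Htnp` (established TCP connections, no header).
SAMPLE_ESTAB='ESTAB 0 0 10.0.1.5:52210 10.0.1.9:5432 users:(("postgres",pid=1340,fd=12))
ESTAB 0 0 10.0.1.5:44112 203.0.113.10:443 users:(("python3",pid=2200,fd=11))
ESTAB 0 0 127.0.0.1:49022 127.0.0.1:11434 users:(("node",pid=1700,fd=12))'

# Print "process local-address" for each listener bound to every interface
# (0.0.0.0, [::] or *). A database or model server bound this way is reachable
# from any network the host sits on, not only from the application stack.
exposed_listeners() {
  printf '%s\n' "$1" | awk '
    $4 ~ /^(0\.0\.0\.0|\[::\]|\*):/ {
      match($6, /"[^"]+"/)
      print substr($6, RSTART + 1, RLENGTH - 2), $4
    }'
}

# Print "process peer-address" for each established connection whose peer is
# outside loopback and the RFC 1918 private ranges. After the one-time model
# download, a host that performs inference locally should show none.
public_egress() {
  printf '%s\n' "$1" | awk '
    {
      peer = $5
      sub(/:[0-9]+$/, "", peer)
      if (peer ~ /^127\./ || peer ~ /^\[::1\]$/ || peer ~ /^10\./ ||
          peer ~ /^192\.168\./ || peer ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) next
      match($6, /"[^"]+"/)
      print substr($6, RSTART + 1, RLENGTH - 2), $5
    }'
}

# Stand-alone run: report findings for the constructed samples.
echo "Listeners bound to all interfaces:"
exposed_listeners "$SAMPLE_LISTEN"
echo "Connections to public addresses:"
public_egress "$SAMPLE_ESTAB"
```

On a live host, feed the functions real output instead of the samples, for example `exposed_listeners "$(ss -Htlnp)"` and `public_egress "$(ss -Htnp)"`, running as root so that `ss -p` can name processes owned by other users. In the sample, PostgreSQL listening on `0.0.0.0:5432` and a Python process talking to `203.0.113.10:443` are exactly the findings a firm would want to explain before signing off its DPIA; Ollama on `127.0.0.1:11434` is the expected shape.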
Because everything runs on your own infrastructure, you control the encryption keys, the backup policy, and the retention schedule. There is no vendor lock-in on your data. You can export everything at any time in standard formats.
Susan is a private install. The security architecture above is not a premium tier — it applies to every firm. Your server, your data, your jurisdiction. There is no deployment mode where your client data leaves infrastructure you control.
The legal profession has obligations that most other industries don't. Here's why the architecture of Susan is a feature, not just a technical choice.
SRA Principle 6 requires you to act in a way that upholds public trust in the legal profession. SRA guidance published in 2024 explicitly notes that firms must ensure AI tools do not compromise client confidentiality. Sending client data to a third-party AI service creates a confidentiality question your COLP must be able to answer. With Susan, the answer is simple: the data never left.
Article 28 of the UK GDPR requires a written contract with any third party that processes personal data on your behalf. Susan eliminates the AI processing risk entirely — the AI runs on your own server and never calls a third-party AI service. If you deploy on a UK VPS, your hosting provider is a standard infrastructure processor (the same as any hosted email or file server) and requires a standard DPA — not an AI-specific one.
The ICO recommends completing a DPIA before implementing new technology that processes personal data at scale. For Susan, the DPIA is straightforward: data stays on your own servers, is processed by software you control, and is subject solely to your own data handling policies.
Courts have not yet definitively ruled on whether transmitting privileged communications to a third-party AI service waives privilege. The safest position is to ensure privileged communications are processed on infrastructure you fully control. Susan makes this the default — not the exception.
Book a 30-minute demo and bring your COLP's questions. We can walk them through every control.