Insight
Zero Data Retention: Why Your Contracts Should Never Touch Someone Else’s Server
June 2026 · 9 min read · By Evans Selasi Adika
Most legal tech platforms store your contract text on their servers. Pactum does not. Here is why client-side processing matters, how the architecture works, and why law firms should refuse any tool that stores their contracts.
The Default Is Dangerous
When you upload a contract to most legal tech platforms, the file is sent to their servers. It is processed in their cloud. It is stored in their database. Some platforms retain the text for AI training. Others retain it for analytics. Even platforms that claim to delete your data often retain metadata, embeddings, or cached copies.
For law firms, this is unacceptable. Client contracts contain privileged information, trade secrets, pricing terms, and strategic details. Sending this data to a third-party server — regardless of their security certifications — creates risk that no engagement letter contemplates.
How Pactum Is Different
Pactum’s architecture is client-side first. Here is what that means in practice:
File conversion: When you import a .docx or PDF, the file is converted to HTML using mammoth.js, a client-side JavaScript library. The conversion happens entirely in your browser tab. The file is never uploaded to any server.
AI detection: The obligation detection engine runs in JavaScript in your browser. It uses pre-trained pattern matching — not a cloud API. No text is sent to OpenAI, Anthropic, or any other AI provider.
Playbook checks: Your playbook rules are stored in your browser’s session. They are never transmitted.
Storage: Contracts are saved to your chosen cloud provider — Google Drive, OneDrive, Dropbox, or AWS S3. Pactum never has credentials to your cloud. We cannot access your files even if we wanted to.
Three Questions Every Law Firm Should Ask
1. Where does my contract text go? If the answer involves the vendor’s servers, your client’s data is on someone else’s infrastructure.
2. Is my data used for AI training? If the answer is “not by default” or “you can opt out,” the architecture allows it. That is not the same as “impossible.”
3. What happens when I close the browser? If your data persists on their servers after you log out, they are retaining your data. Period.
Pactum’s Answers
1. Nowhere. Your text stays in your browser. 2. No. Impossible by architecture — we never receive your text. 3. Your data is on your cloud. We never had it.
Try Pactum → wearepactum.com