HomeThe Review PlatformChain of Custody

Chain of Custody, End to End

Immutable originals, content hashing, full lineage, inventory sign-off, and append-only audit trails.

Because the output is evidence, custody discipline is engineered in rather than promised. Every claim below is a property of how the platform stores and processes data - not a policy document.

Originals Never Change

The collected evidence lives in versioned storage that is never rewritten or deleted. All derived work - extracted archives, OCR text, transcripts, production packages - lands in a separate, never-deleted staging area. The original bytes your custodian handed over remain exactly as collected, forever.

Every Step Recorded

  • Every item carries a content hash from the moment it enters the system.
  • Deduplication is a recorded processing step, never silent data loss.
  • Lineage links every searchable passage back to the exact original file - for emails, down to the byte offset of the message inside the collected mailbox.
  • Everything the platform generates is flagged as derived work product, cleanly separated from native ESI.

Gates and Audits

  • Inventory sign-off. Before production-grade processing begins, a reviewer verifies the exact collection inventory and the platform snapshots it. Any later change voids the sign-off and blocks processing until re-verified. No bypass, by design.
  • Full reconciliation. A dedicated view proves that 100% of collected files are accounted for - searchable, catalogued as containers, or explicitly marked unsupported. Nothing is silently missing.
  • Append-only audit. Review decisions, privilege overrides, applied amendments, and approved contributions are recorded append-only. Items can be retracted; history cannot be erased.

Works Together With

Frequently Asked Questions

How can you prove the evidence was never modified?

The collected originals live in versioned storage that is never rewritten or deleted, every item carries a content hash, and lineage links every searchable passage back to the exact original file - for emails, down to the byte offset of the message inside the collected mailbox.

Is deduplication defensible?

Yes. Deduplication is a recorded processing step, never silent data loss. Duplicate copies collapse into one reviewable record while the provenance of every copy is preserved, so the record shows exactly what was collected and how it was consolidated.

What stops processing from starting on an unverified collection?

An inventory sign-off gate. Before production-grade processing begins, a reviewer verifies the exact collection inventory and the platform snapshots it. Any later change to the collection voids the sign-off and blocks processing until a human re-verifies. There is no bypass, by design.

Are AI outputs kept separate from the evidence?

Yes. Everything the platform generates - OCR text, image descriptions, transcripts, coding - is flagged as derived work product. It is searchable next to the evidence but can never be produced as if it were native ESI.

See it on your matter

Bring us a messy collection - mailboxes, scans, phones, recordings - and watch it become one searchable, defensible record.