Data Processing Purpose
Why Veruscope processes data and how that processing relates to authorization and purpose limitation.
Status: draft foundation · Effective date: effective date pending review
This page is a draft foundation document. The English version is maintained as the original draft for Sax Group LLC, and the Portuguese version is provided for user accessibility. Both versions require qualified counsel review before public launch.
This page explains, as a draft foundation, why Veruscope processes data and the purposes that processing serves. It is intended to support future official outreach and user consent flows. It does not itself implement consent tracking, and it is subject to legal review before public launch.
Why Veruscope processes data
Veruscope processes data to provide operational visibility over legal-adjacent contexts — helping users understand what changed, what may require attention, and what should be reviewed by a qualified professional. Processing is tied to the contexts and documents a user chooses to bring into a workspace.
Categories of processing
- Organizing cases, documents, signals, actions, and agreements for review.
- Registering forwarded emails and uploaded or submitted documents.
- Monitoring official-source metadata where available.
- Generating operational AI summaries when those features are enabled and authorized.
- Maintaining security, audit, and support records.
Relationship to Monitoring Authorization and Privacy Gates
A Monitoring Authorization is an internal visibility scope inside Veruscope that ties a context (such as a case, CPF/CNPJ, or client context) to a workspace. It is not legal representation, legal advice, or a power of attorney. Privacy gates and access controls govern what is visible inside the platform, and processing is intended to stay within the scope a user has authorized.
Purpose limitation
Data is intended to be processed for the operational-visibility purposes described here and not for unrelated purposes. Veruscope does not sell user data. The final, jurisdiction-specific legal basis and purpose-limitation language should be reviewed by counsel before public launch.
User-triggered processing
- User-triggered imports — processing of contexts and records a user chooses to add.
- Document uploads — documents a user uploads, along with their metadata.
- Email forwarding — emails forwarded to a workspace address, registered for review.
- Third-party document request links — documents submitted by others through a scoped link a user shares.
- AI processing when enabled — extracted text processed by AI features only when those features are enabled and authorized.
Support access and broken glass
Support access to a workspace is scoped, time-limited, audited, and revocable; it is not a Monitoring Authorization and does not create legal representation. Broken glass is an internal, reason-required, time-limited, audited emergency procedure and is not a customer-visible workflow.
Audit trail
Veruscope keeps internal audit and security records of actions taken in the platform for accountability and review. A filtered, customer-safe view of activity may be made available; it is not the full internal audit log.
Revocation and limitations
Authorizations and support access can be limited or revoked. Operational visibility depends on what is authorized and on the availability and completeness of official sources, which may be incomplete or delayed. Final descriptions of revocation effects and data retention should be reviewed by counsel before public launch.
Court document access and future imports
Veruscope provides operational visibility. It is not a law firm and does not provide legal advice.