Security — How CustodyNote Protects Your Data
CustodyNote encrypts all client data locally on your device using AES-256 encryption. No data leaves your laptop unless you enable optional cloud backup, which uses AWS infrastructure in London (eu-west-2) with encryption in transit and at rest. There is no third-party access to your data.
Criminal defence practitioners handle some of the most sensitive personal data in the legal system: custody records, disclosure details, consultation notes, and client instructions given under legal professional privilege. The security model behind CustodyNote is designed around that reality — not around the convenience of a SaaS dashboard.
Local encryption with AES-256
Every record you create in CustodyNote is encrypted on your device before it is written to disk. The encryption standard is AES-256, the same cipher used across government and financial services for protecting classified and sensitive material. Your data is stored in an encrypted local database on your Windows laptop or tablet — not on a remote server, not in a browser cache, and not in a temporary file that another application might read.
This means that even if your device is seized, lost, or stolen, the contents of your attendance notes are not accessible without the correct credentials. For firms handling legally privileged material, this is not optional — it is the baseline.
No third-party access
CustodyNote does not share your data with any third party. There is no analytics platform reading your notes, no AI model training on your client records, and no advertising network receiving metadata about your work. The application does not phone home with case data. Your notes stay where you put them: on your machine, or in your own encrypted cloud backup if you choose to enable it.
We do not have access to the content of your notes. If you use cloud backup, the data is encrypted before it leaves your device and decrypted only on your device when you restore or sync. We hold encrypted blobs — not readable records.
Optional cloud backup
Cloud backup is off by default. If you enable it, CustodyNote uses AWS infrastructure in London (eu-west-2) with TLS encryption in transit and AES-256 encryption at rest. Data never leaves the UK. The backup is designed for resilience — if your laptop fails or is replaced, you can restore your encrypted database to a new device using your recovery password.
You remain in control of whether cloud backup is active. If your firm policy or your own risk assessment says local-only, CustodyNote works entirely offline with no degradation in functionality.
Legal professional privilege
Attendance notes created during police station attendances are, in most circumstances, protected by legal professional privilege. The security architecture of CustodyNote is designed to support that protection at a technical level: data is encrypted at rest and in transit, access is limited to the authenticated user, and there is no mechanism for Defence Legal Services Ltd (the developer) or any third party to read your records.
Privilege is a legal concept, not a software feature — no application can guarantee privilege in all circumstances. But a tool that stores client data in plaintext on a shared cloud drive, or routes it through third-party processors without encryption, creates unnecessary risk. CustodyNote is built to avoid those risks.
Data controller responsibilities
Under UK GDPR, the data controller for the personal data in your attendance notes is you (or your firm). CustodyNote is a data processor only to the extent that you enable cloud backup, in which case Defence Legal Services Ltd processes encrypted data on your behalf under a data processing agreement. If you use CustodyNote in local-only mode, no personal data is processed by us at all.
This distinction matters for firms completing data protection impact assessments or responding to subject access requests. Your notes live on your device; your exports are under your control; your backup (if enabled) is encrypted with keys derived from your credentials.
What happens if your device is lost or stolen
If your laptop is lost, stolen, or damaged, your attendance notes are protected by AES-256 encryption. Without your credentials, the data cannot be read. If you had cloud backup enabled, you can restore your full database to a new device by entering your recovery password. If you were operating in local-only mode, the data on the lost device remains encrypted and inaccessible to anyone without your credentials — but you will need your own separate backups (e.g. external drive exports) to recover the records.
We recommend enabling cloud backup or maintaining regular local exports as part of your business continuity planning. Losing a device should not mean losing months of attendance records.
Recovery password
When you set up CustodyNote, you create a recovery password. This password is used to derive the encryption keys for your local database and, if enabled, your cloud backup. It is not stored by us in plaintext. If you lose your recovery password and have no other backup, your encrypted data cannot be recovered — by you or by us.
Store your recovery password securely, separate from the device running CustodyNote. A password manager and a sealed note in your firm's safe are both reasonable approaches.
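The sections above say that keys are derived from the recovery password and that backup data is encrypted before it leaves the device. The following is an added example, not CustodyNote's own code, showing what that pattern looks like and why a lost password makes the data unrecoverable. It assumes scrypt for key derivation and AES-256-GCM as the mode (the page names neither); the function names and blob layout are hypothetical.

```javascript
// Added illustration: password-derived key + AES-256-GCM, done on the client.
// Assumptions: scrypt as the KDF, GCM as the mode, and this blob layout.
const crypto = require('crypto');

const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;

// Derive a 256-bit key from the recovery password. The salt is random per
// blob and stored beside the ciphertext; it is not secret.
function deriveKey(password, salt) {
  const opts = { N: 1 << 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
  return crypto.scryptSync(password, salt, 32, opts);
}

// Encrypt one record. Output blob = salt || iv || tag || ciphertext.
// This blob is all a backup server would ever receive.
function sealRecord(password, plaintext) {
  const salt = crypto.randomBytes(SALT_LEN);
  const iv = crypto.randomBytes(IV_LEN);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// Decrypt a blob. Returns null when the password is wrong or the blob was
// modified: GCM authentication fails and no plaintext is released.
function openRecord(password, blob) {
  const head = SALT_LEN + IV_LEN + TAG_LEN;
  if (blob.length < head) return null;
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, head);
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  decipher.setAuthTag(tag);
  try {
    const plain = Buffer.concat([decipher.update(blob.subarray(head)), decipher.final()]);
    return plain.toString('utf8');
  } catch (err) {
    return null;
  }
}

// Constructed sample data, not real records or credentials.
const sampleBlob = sealRecord('constructed-recovery-password', 'Constructed sample note');
console.log(openRecord('constructed-recovery-password', sampleBlob));
console.log(openRecord('wrong-password', sampleBlob));
```

Because the key exists only as a function of the password and the stored salt, whoever holds the blob without the password has nothing to decrypt with, which is also why there is no recovery path if the password is lost.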
GDPR considerations
CustodyNote is designed to support your compliance with UK GDPR. Key points:
- Data minimisation — CustodyNote collects only the data you enter into your attendance notes. There is no background telemetry harvesting personal data.
- Storage limitation — records are stored locally on your device. You control retention and deletion.
- Security of processing — AES-256 encryption at rest, TLS in transit for cloud backup, no third-party access.
- Right to erasure — you can delete any record at any time from your local database. If cloud backup is enabled, deletions propagate on sync.
- Data portability — PDF export and local database access mean you are never locked in.
For full details, see our privacy policy.
Frequently asked questions
Is my data stored in the cloud by default?
No. CustodyNote stores all data locally on your device by default. Cloud backup is optional and must be explicitly enabled by you. If you never turn it on, no data leaves your machine.
Can Defence Legal Services Ltd read my notes?
No. Even if you enable cloud backup, your data is encrypted before it leaves your device. We hold encrypted blobs that we cannot decrypt. We do not have access to your recovery password or encryption keys.
What encryption standard does CustodyNote use?
AES-256 for data at rest (local database and cloud backup). TLS 1.2 or later for data in transit when cloud backup is enabled.
Where is cloud backup data stored?
In AWS infrastructure located in London (eu-west-2). Data does not leave the United Kingdom. AWS provides ISO 27001, SOC 2, and other certifications for the underlying infrastructure.
What should I do if my laptop is stolen?
Your attendance notes are encrypted and cannot be read without your credentials. Report the loss to your firm and, if applicable, to the ICO if you believe there is a risk to data subjects — though encrypted data that cannot be accessed may not constitute a reportable breach. If you had cloud backup enabled, restore your database to a new device using your recovery password. See the FAQ for more guidance on device loss.