Security
All traffic between your browser and ThreadCase is encrypted in transit using TLS. Uploaded files are stored in private object storage and are never placed in a publicly accessible bucket; every file URL is a short-lived signed link that expires after a brief window, so only authenticated requests can retrieve your documents. Each case is isolated at the database layer using row-level security tied to your workspace, so no user can access another user's case data even if they somehow obtained the same database credentials
Sensitive actions — including document access, exports, permission changes and account deletion — are written to an append-only audit log. Support staff are technically prevented from reading your case content; access to a specific case for support purposes requires an explicit, time-boxed, audit-logged permission grant from you, and that grant expires automatically.
ThreadCase organises information, evidence, dates and correspondence. Important legal, medical and procedural decisions should be checked with a qualified professional.