Security and privacy, by design.
ChatFormats runs entirely offline on your Windows environment — no cloud upload, no third‑party APIs for message processing. Designed for law firm confidentiality and compliance.
How ChatFormats handles data
Input
WhatsApp ZIP exports (with or without media), local OCR/Tesseract models, local Moonshine transcription models. All inputs stay on your machine.
Processing
Message parsing, privilege detection, OCR, transcription, entity extraction — all on your Windows device. No client data transmitted to external servers.
Output
PDF exhibits, HTML review sets, CSV files, Concordance/Relativity load files, JSON, and organised media folders. Written to user‑selected local directories.
No cloud upload. Period.
ChatFormats never sends your client's WhatsApp data to our servers or any third‑party cloud. All evidence stays inside your firm's environment — no vendor access, no unexpected data transfer.
- ✓ Local OCR (Tesseract) runs on your device
- ✓ Voice transcription (Moonshine) runs locally — no OpenAI API calls
- ✓ Privilege detection, NER, and structured extraction are 100% on‑prem
What (if anything) reaches the internet
License validation and update checks may contact our servers, but they never transmit message content or metadata. These checks are limited to version info, license status, and anonymised basic telemetry (if enabled — optional). Client evidence remains isolated.
Where data is stored and how outputs behave
Input locations
The WhatsApp ZIP file stays exactly where you place it. ChatFormats reads from that location but does not move or duplicate it without your direction. Processed message data exists only in memory during parsing.
Output directories
All exports (PDF, HTML, CSV, DAT/OPT, media folders) are written to a user‑selected folder. No proprietary cloud storage, no vendor copy of the evidence. You control retention, backups, and deletion.
Supporting chain‑of‑custody narratives
ChatFormats helps you build a defensible chain of custody by:
- Computing SHA‑256 hashes of the original WhatsApp ZIP and extracted .txt file.
- Embedding those hashes in generated PDF exhibits and HTML review sets.
- Providing a separate Chain of Custody TXT report with timestamps, case metadata, and hash values.
- Recording the export generation date and environment details (configurable).
📌 These are technical aids; final chain‑of‑custody procedures remain your firm's responsibility. We provide the building blocks for a clear narrative from source to exhibit.
Access control & environment
OS‑level controls
ChatFormats runs as a standard Windows application under the logged‑in user's account. It inherits your firm's existing file permissions, BitLocker encryption, and network policies. No separate user database or remote access channel is created.
No hidden persistence
The tool does not install background services, kernel drivers, or auto‑migrate data. Uninstall removes all application files (user outputs remain untouched).
Support data and optional telemetry
Support engagements: When you contact our support team, you decide what to share. We may ask for log files or anonymised sample exports, but you control the data. We never remotely access your machine or evidence folders.
Telemetry (placeholder – subject to firm agreement): ChatFormats may include optional, aggregate telemetry (e.g., feature usage counts, crash reports) that contains no message content, filenames, or participant names. Telemetry is disabled by default in sensitive environments (Enterprise/firm license). Exact scope to be confirmed during implementation and legal review.
Bring your IT and security team to the demo
We invite your information security or compliance leads to join a technical walkthrough. Ask about offline architecture, deployment in air‑gapped environments, and integration with your existing security stack.
We can provide a detailed security addendum, GDPR/DPA addendum, and answer custom compliance questionnaires.