Every other AI tool sends your client information to a cloud provider. GoDo runs the entire platform — workflow engine, AI, and audit trail — on hardware you own. Rule 1.6 isn't a policy. It's the architecture.
Model Rules of Professional Conduct 1.6 requires reasonable measures to prevent unauthorized disclosure of client information. Running client matter data through OpenAI, Anthropic, or Google — even in "enterprise" mode — is a risk assessment your malpractice carrier is starting to ask about.
Every time a staff member uses an AI tool to draft a client update, search a matter file, or summarize a deposition, that content is processed on a third-party server. "We don't train on it" is a contractual promise, not a technical guarantee.
Conflict checks in spreadsheets. Status updates by email. Billing write-off approvals in Slack. None of these produce a defensible record. An audit, a malpractice claim, or a bar inquiry reveals them immediately.
Practice management software handles billing and docketing well. It doesn't handle the workflows that fall outside its templates. Every firm has five to fifteen processes that live in someone's inbox and would cost $200k to build custom.
gpt-oss:120b is the primary reasoning engine — 116B open-weight parameters, running on your hardware via Ollama. It handles the conversation that turns your workflow description into an application blueprint, refines it, and arbitrates final decisions.
gemma4:31b is the adversarial reviewer — 31B parameters, completely different architecture and training lineage. It challenges the initial blueprint, finds gaps, bad assumptions, and missed edge cases. Because it was trained differently than gpt-oss, it has different blind spots. That architectural diversity is the point — it catches what gpt-oss misses.
Once an application is built, the runtime has zero AI. Workflows run entirely on deterministic code — no model inference, no API calls, no per-query cost. Rules fire, steps advance, audit trails write. All local, all free at runtime. Your staff never triggers an AI call just by using the platform.
Tell us the process. We'll map it out live in your first session. Each one includes a permanent, timestamped audit trail by default.
Intake form triggers automated conflict search against the existing matter database. Conflict results are logged before the first meeting. Partner review captured with timestamp and decision rationale.
Scheduled status updates go out automatically. Court deadlines tracked with escalating alerts. Every client communication logged with delivery confirmation. Nothing falls through when someone is out.
Attorney submits write-off with reason. Workflow routes to supervising partner based on amount threshold. Approval or denial captured with justification. Client communication sent and logged. Every decision permanent.
Requests go to opposing counsel, experts, and clients through structured intake. Missing items flagged automatically before deadlines. Every request, response, and follow-up logged with timestamps and actor attribution.
Settlement authority granted and logged. Offer and counter sequences tracked with dates and amounts. Client authorization captured for each step. Final approval recorded with full history — defensible if the settlement is ever challenged.
Monthly reconciliation workflow ensures trust account balances are verified against client ledgers. Discrepancies flagged immediately. Reconciliation sign-off captured by the responsible attorney. State bar audit-ready by default.
The GoDo audit trail isn't a log file someone can edit. It's written in the same database transaction as the workflow change — they commit together or not at all. A Postgres trigger physically prevents modification after the fact.
Audit entry and workflow change write in the same transaction. It's impossible to have one without the other.
A Postgres-level trigger rejects any UPDATE or DELETE on audit rows — including from admin accounts.
Every entry captures who acted, what changed, when, and from which request context. Not just a user ID — a complete record.
In sovereign mode, the audit trail lives in your local Postgres. You can export it, back it up, and present it to any auditor or regulator — on your terms.
Walk us through the process your firm is still running manually. We'll build a working version and walk you through it — with the sovereign deployment configured for your hardware from day one.
Book a Working Session →No account required. No commitment. If it doesn't fit, we'll tell you.