Hero works

Choose a module

Select the type of document you want to analyse.

Features

Everything you need to analyse legal documents

From classification to export, SmartDoc AI covers the full analysis workflow — powered by Claude AI and purpose-built for South African law.

38 Document Types

Contracts, Acts of Parliament, POPIA policies, court documents, NDA, insurance schedules, NCA credit agreements — every major SA legal document type supported.

Red Flag Detection

Critical and high-severity issues identified automatically. Excessive restraints of trade, missing BCEA clauses, non-compliant notice periods — spotted instantly.

Playbook Compliance

Build your firm's standard compliance rules once. Every document is automatically checked against your playbook — 7 rule types including AI-powered semantic checks.

4 Export Formats

Professional PDF reports (watermarked free, branded Business+), Word documents, structured JSON for integrations, and CSV for spreadsheet analysis.

Multi-User Teams

One account for your whole firm. Owners and members collaborate on the same analyses and shared playbooks. All data isolated by firm — RLS enforced.

Built for SA Context

Every analysis references SA legislation by name — BCEA, LRA, NCA, POPIA, FAIS, Companies Act, Constitution. Not generic international advice.

How It Works

From upload to insight in three steps

No training required. No legal knowledge needed to start. Upload, analyse, act.

1

Upload Your Document

Drop any PDF, Word document, or text file. SmartDoc AI accepts all common legal document formats up to 10MB.

Supports PDF, DOCX, DOC, TXT
2

AI Analyses in Seconds

Our AI classifies your document, extracts parties, dates, and financial terms, detects red flags, checks compliance, and runs your firm's playbook — all automatically.

Typically under 3 seconds
3

Review and Export

Read the structured results across 6 tabs. Download a professional PDF report, share as Word, export as JSON or CSV — and save to your team history.

PDF, DOCX, JSON, CSV
Document Types

38 South African legal document types

Five document families with dedicated analysis pipelines. Each sub-type has purpose-built extractors, checklists, and red flag rules.

📄

Contracts

  • • Employment Contract
  • • Lease Agreement
  • • Shareholders Agreement
  • • Non-Disclosure Agreement
  • • Service Agreement
  • • Sale of Business
  • • Franchise Agreement
  • • Distribution Agreement
  • • Construction Contract
  • • Settlement Agreement
  • + 5 more types
⚖️

Legislation

  • • Acts of Parliament
  • • Regulations & Rules
  • • Government Notices
  • • SARS Rulings & Binding Opinions
  • • Municipal By-Laws
  • • Bills (Draft Legislation)
  • • Proclamations

Compliance

  • • POPIA Privacy Policy
  • • FAIS Compliance Manual
  • • TCF Framework
  • • FICA / AML Policy
  • • B-BBEE Compliance Certificate
  • • FSP Risk Management Policy
🏛️

Court Documents

  • • Summons
  • • High Court Judgments
  • • Consent Orders
  • • Liquidation & Insolvency
  • • Arbitration Awards
💰

Financial

  • • NCA Credit Agreement
  • • Insurance Policy Schedule
  • • Bond & Mortgage Documents
  • • Financial Services Agreement
  • • Personal Loan Agreement
Security

Your documents are safe here.

Legal and estate documents are among the most sensitive files a person owns. We built SmartDocAI with security as a first principle — not an afterthought. Every protection listed below is live and verified.

What we never do

We never sell your data to third parties

We never use your documents to train AI models

We never store your full document text after analysis completes

We never log document content to Railway or any logging service

We never share your analysis results with other users

We never display advertisements or allow advertisers to influence results

Document Privacy by Design

  • Documents are never stored in plain text — only analysis results are saved to the database
  • Document text is stripped from all server logs before they are written (Railway log sanitisation)
  • POPIA-compliant deletion — you can permanently delete any analysis and its data via the platform
  • Auto-purge function removes analyses older than your retention window automatically

Bank-Grade Authentication

  • Supabase Auth with JWT tokens — industry-standard OAuth 2.0 / OpenID Connect
  • Multi-Factor Authentication (MFA) available — TOTP via authenticator app
  • Session auto-expires after 30 minutes of inactivity — protects unattended sessions
  • Google OAuth supported — sign in via your Google account without creating a password
  • All passwords hashed with bcrypt — never stored in plain text

Row-Level Security on Every Table

  • PostgreSQL Row-Level Security (RLS) enforced on every database table
  • Users can only ever read and write their own data — enforced at the database level, not just the API
  • RLS verified live on: analyses, user_credits, payperuse_purchases, audit_log
  • Team accounts: members see only their team's data — other teams are invisible

API Hardening

  • Rate limiting on every endpoint — 30 requests/hour per IP, stricter on auth endpoints
  • File upload validation: extension whitelist + magic-byte check + 10MB hard cap
  • CORS locked to exact origin list — no wildcards in production
  • OpenAPI documentation disabled in production — prevents endpoint reconnaissance
  • PayFast webhook IP allowlist — only genuine PayFast IPs can trigger payment events
  • ReDoS protection via Google RE2 — prevents regex-based denial of service attacks

Prompt Injection Protection

  • Document text is passed to AI as clearly delimited data — never as instructions
  • Injected commands inside uploaded documents are ignored by the AI pipeline
  • JSON schema validation on all AI responses — malformed outputs are rejected
  • System prompts are hardened against instruction override attempts

Secrets & Infrastructure

  • All API keys stored as encrypted environment variables — never in source code
  • GitLeaks secret scanning runs on every git push to both repositories
  • Dependabot automatically flags vulnerable dependencies in both frontend and backend
  • npm audit and pip-audit run in CI on every deployment
  • Anthropic AI spend capped at R900/month with alerts at R720 — no surprise bills
  • PayFast passphrase is a 64-character cryptographically random string

Transport & Headers

  • HTTPS enforced everywhere — HTTP Strict Transport Security (HSTS) headers set
  • Content Security Policy (CSP) — prevents cross-site scripting attacks
  • X-Frame-Options: DENY — prevents clickjacking
  • X-Content-Type-Options: nosniff — prevents MIME-type sniffing attacks
  • Referrer-Policy: strict-origin-when-cross-origin — controls referrer leakage
  • Permissions-Policy disables camera, microphone, and geolocation access

Audit Trail

  • Every sensitive action is written to an immutable audit log in the database
  • Audit log has RLS — only your account can read your own audit events
  • Logged events: document analysis, credit deduction, export, deletion, login
  • Timestamps, user IDs, and action metadata recorded on every event

Compliance & Standards

POPIA Compliant

Right to erasure, data minimisation, purpose limitation

SOC 2 Infrastructure

Hosted on Supabase and Railway — both SOC 2 Type II certified

GDPR-aligned

Data processing principles followed even for SA-only users

SA Data Residency

Supabase instance configured for South African data locality

All security measures listed above are implemented and live — not planned features

SmartDocAI is hosted on Supabase (SOC 2 Type II) and Railway. TLS 1.3 is enforced on all connections. For security concerns or responsible disclosure, contact security@smartdocai.co.za.

Pricing

Simple, transparent ZAR pricing

No currency conversion. No surprises. Pay in Rands via PayFast.

Starter

R499/month

20 analyses / month

  • PDF & DOCX export
  • All 38 document types
  • AI plain language summary
  • Defined terms explained
Start Starter
Most Popular

Professional

R1,299/month

100 analyses / month

  • Everything in Starter
  • Playbook compliance engine
  • AI obligation explanation
  • AI red flag reasoning
  • 5 playbooks + teams (5 seats)
Get Professional

Business

R3,499/month

Unlimited analyses

  • Everything in Professional
  • JSON & CSV export
  • AI playbook rule checks
  • Custom PDF branding
  • Batch export (20 docs)
  • Teams (10 seats)
Get Business

Also available: Free plan (3 analyses/month) and Enterprise (R8,999/month)

See full pricing and feature comparison
Ready when you are

Start analysing documents
in 60 seconds

No setup. No training. No integration required. Upload your first document and get instant AI analysis — for free.

Create Free AccountSee Pricing

No credit card required. 3 free analyses per month forever. Upgrade when you need more.