Trust & Security
Law firms trust us with their most sensitive work. We earn that trust through rigorous security practices, a zero-compromise approach to data protection, and full transparency on how your data is stored and processed.
TLS 1.3 in transit, AES-256 at rest. All data encrypted within a SOC 2 compliant cloud environment.
Enterprise authentication with single sign-on through your identity provider. Centralised access management for your entire team.
Documents stored in private buckets with signed, expiring URLs. AI models never retain or learn from your data.
Security is not a feature we added — it is the foundation everything is built on. Every layer of our stack is designed to protect your documents and your clients.
Every request is verified. We apply the principle of least privilege across our entire infrastructure. Backend-only service roles ensure elevated permissions are never exposed to the browser. Row Level Security (RLS) on all database tables limits access by user and role.
All data processing runs on SOC 2 compliant infrastructure via Supabase and AWS, with full compliance to local data sovereignty laws. We ensure your data stays where your firm needs it — with complete transparency on hosting locations and data flows.
Partnership
Security is a partnership. We work collaboratively with firms to address specific security concerns or compliance requirements — whether it's a custom security review, a DPA, or aligning with your internal policies.
We conduct regular vulnerability assessments and continuously update our processes and systems to adapt to evolving threats and industry standards. Our security posture is never static.
Get in touch
We're happy to discuss our security architecture or answer questions from your IT and compliance teams.
Get in touch