Security

Your data, protected

Security is not a feature — it is how we build. Every document, message, and analysis is encrypted at rest and in transit.

GDPR compliant

SOC 2 Ready

Encrypted at rest & in transit

AES-256 encryption at rest and in transit

All user-generated content — documents, analyses, chat messages, clauses — is encrypted with AES-256 before it hits disk. TLS 1.2+ protects data in transit. No plaintext at rest, ever.

GDPR compliant, EU data processing

All data is processed within the EU. We provide data processing agreements, honor right-to-erasure requests, and support full data portability. See our subprocessor list at /subprocessors.

SOC 2 Type II readiness

Infrastructure and processes designed to meet SOC 2 Type II criteria. Continuous monitoring, access controls, and change management — with third-party audit on the roadmap.

SSO with SAML 2.0

Centralize access management with enterprise single sign-on. SAML 2.0 integration with your identity provider — Okta, Azure AD, Google Workspace, and others.

Complete audit trail

Every action is logged: who did what, when, on which document. Immutable records for compliance reviews, internal investigations, and regulatory reporting.

Data residency options

Choose where your data lives. EU data residency by default, with additional regions available for enterprise customers on request.

Security built for legal work

Read our security documentation or talk to our team about your requirements.

Start your trial