Trust Center

Security, compliance, and data protection resources for law firms evaluating or using LegalsOne.

Single-Tenant Architecture
AES-256 Encryption at Rest
TLS 1.2+ in Transit
RBAC + MFA
Nightly Encrypted Backups
Immutable Audit Logs

LegalsOne is built for law firms that handle sensitive client data. This Trust Center is your single reference point for security architecture, compliance posture, data handling agreements, and transparency policies. We publish everything here — not because we're required to, but because we believe the firms trusting us with their data deserve to know exactly how it's protected.

Security & Architecture

Security Overview

Plain-language explanation of how we protect your firm's data — architecture, encryption, access controls, and monitoring.

Security Controls

Technical reference: encryption specifications, IAM controls, network security, vulnerability management, and logging detail.

Incident Response

How we identify, contain, and communicate security incidents — including our 72-hour breach notification commitment.

Vulnerability Disclosure

Responsible disclosure program for security researchers — safe harbor terms, report procedures, and our response commitments.

Backups & Recovery

Nightly encrypted backup schedules, cross-region redundancy, retention periods by plan tier, and restore request process.

Subprocessors

Complete list of third-party vendors that process data on our behalf, organized by category with data roles defined.

Compliance & Privacy

Compliance Overview

Our NIST/CIS framework alignment, SOC 2 roadmap, GDPR posture, HIPAA considerations, and certifications timeline.

Data Processing Agreement

GDPR-aligned DPA defining LegalsOne's role as data processor, your obligations as controller, and our mutual commitments.

Privacy Policy

How LegalsOne collects, uses, and protects personal information — covering website visitors, prospects, and platform users.

Data Ownership

Your data belongs to you. Export formats, portability rights, and what happens to your data during and after your subscription.

Data Retention

How long LegalsOne retains different categories of data, log retention schedules, backup windows, and deletion procedures.

Service Level Agreement

99.5% monthly uptime target, credit schedule, exclusions (maintenance windows, force majeure), and claim procedures.

Have a security or compliance question?

Our team responds to security and compliance inquiries from evaluating law firms. We can provide architecture documentation, answer vendor security questionnaires, and discuss our roadmap.

Contact Security Team