Security & Compliance

Security

How we protect your most sensitive legal documents.

Encryption

256-bit AES Encryption

All documents are encrypted at rest using AES-256. All data in transit is protected by TLS 1.3. Encryption keys are managed through Google Cloud KMS with hardware security module backing.

Compliance

GDPR & CCPA Compliant

Full compliance with GDPR, UK GDPR, and CCPA. Data processing agreements available for enterprise clients. EU data residency options. Right to erasure fully supported.

Infrastructure

Google Cloud Infrastructure

Hosted on Google Cloud Platform — SOC 2 Type II certified. 99.9% uptime SLA with redundancy across three availability zones. Automatic failover and disaster recovery.

AI Data Policy

Your Data Never Trains Models

Documents uploaded to JuristVault are never used to train AI models. Google Gemini API processes your data under enterprise terms that explicitly prohibit model training on client data.

Access Control

Zero-Trust Architecture

Multi-factor authentication required. Role-based access control within organizations. All access events logged and auditable. Automatic session expiry and anomaly detection.

Incident Response

72-Hour Breach Notification

In the event of a breach affecting your data, JuristVault will notify you within 72 hours per GDPR Article 33. Incident response team on call 24/7.

Certifications & Standards

SOC 2 Type II (via Google Cloud)

ISO 27001 (via Google Cloud)

GDPR Compliant

CCPA Compliant

TLS 1.3 in Transit

AES-256 at Rest