Updated: February 28, 2020

Thousands of lawyers and dozens of bar associations trust to collect, store, and transfer sensitive data. We protect our platform, and the apps you build on our platform, using modern, industry-standard security practices similar to those used by companies like Dropbox and Google. We also provide you with fine-grained controls over the data processed by the apps you build.

Physical Security

User data is stored using Amazon Web Services (AWS). AWS infrastructure is designed to meet the requirements of the most security-sensitive organizations in the world. AWS data centers are managed in accordance with leading data security standards, including SOC 1 - 3, PCI DSS Level 1, and ISO 9001 / ISO 27001.

Payment Processing complies with the Payment Card Industry’s Data Security Standards and can therefore accept or process credit card information securely. certifies this compliance annually.

Security Policies maintains and regularly reviews and updates its information security policies.

Personnel is committed to conducting background screening at the time of hiring any new employees (to the extent permitted or facilitated by applicable laws and countries). In addition, communicates its policies to personnel and requires new employees to sign non-disclosure agreements.


Any data your app collects is encrypted in transit from the end-user's machine to our servers via Transport Layer Security (TLS). All data stored by is also encrypted at rest.

Breach Notification

No provider of web-based services, including, can guarantee perfect security of its data or systems. If learns of a security breach, we will promptly notify affected users so that they can take appropriate protective steps.

Backups’s databases are backed up daily.

Your Responsibilities

Keeping your data secure also requires that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems.

Logging and Monitoring

Application and infrastructure systems log information to a centrally managed log repository for troubleshooting, security reviews, and analysis by authorized personnel. We will provide users with reasonable assistance and access to logs in the event of a security incident impacting their account.