Security is our top priority.
Our platform is covered by end-to-end encryption and all our custom models and data are hosted and stored on the highly secure eco-system Microsoft Azure.
Certificates & standards
ClearContract strives to become your most trusted legal companion in your day-to-day legal operations. Therefore we both meet and try to exceed established data security standards and best practices.
How does ClearContract approach security?
ClearContract’s approach to security is multi-faceted, emphasizing both preventive measures and rapid response capabilities. This includes strong authentication and access control, with unique user identifiers and hardware-backed FIDO2 multi-factor authentication for all personnel. ClearContract’s secure development lifecycle incorporates best practices in coding, code reviews, and both static and dynamic application security testing. Network segmentation, firewalls, and Web Application Firewalls (WAFs) protect against unauthorized access, while security monitoring and intrusion detection systems guard against potential threats.
Which information does ClearContract have available to accelerate the IT Security/Risk Review process?
We provide full transparency on our infrastructure and data flows, including our data security paper available by clicking “Security Measures” below.
How do you authenticate customers?
We leverage Single-Sign-On (SSO) with SAML to authenticate customers. This way, firm administrators can centrally control who gets access to ClearContract and enforce security policies. Users can leverage their firm’s credentials and do not need to remember an additional password.
Where are your servers located?
We utilize Microsoft Azure Cloud, with all data processing and storage occurring within the European Union for full GDPR compliance. We also support data storage in other countries upon request.
How do you handle data ClearContract collects?
Unlike certain competitors, no data saved by our customers will be used to train or improve our machine-learning and large language models.
Furthermore, we encrypt all customer data at rest and in transit, and can support customer-managed encryption keys upon request. We store and process all data within the European Union.