Book a Demo
lawyal Logo
Book a Demo

Trust Center

Welcome to Lawyal's Trust Center.

Trust is the cornerstone of everything we do. This Trust Centre was built for Lawyal’s existing and potential clients in order to reflect our efforts of making Lawyal the most trustworthy platform for your firm.

Our Trust Center highlights our commitment to security, compliance, and privacy by showcasing our adherence to global standards, and local regulations. We prioritize robust cybersecurity measures, including encryption and advanced monitoring tools to protect your data. With a focus on transparency and accountability, we ensure your information is secure, private, and handled with the utmost care.

We believe in complete transparency and therefore provide our customers with clear information about how their data is managed and the security measures we implement. Through regular audits and a culture of accountability, we ensure that your information is secure and handled with the highest level of professionalism.

Certification

AICPA SOC

Service Organization Control 2

SOC 2 (Service Organization Control 2) focuses on evaluating a company’s systems based on trust service criteria: security, availability, processing integrity, confidentiality, and privacy. It ensures that service providers securely manage data to protect the interests of their customers. SOC 2 compliance demonstrates a commitment to stringent operational controls and safeguards for handling sensitive information.

GDPR LOGO

The General Data Protection Regulation

The General Data Protection Regulation (GDPR) is a European Union law that establishes strict rules for data protection and privacy. It governs how personal data is collected, stored, processed, and shared. GDPR emphasizes transparency, user consent, and data minimization, with severe penalties for non-compliance, ensuring individuals maintain control over their personal information.

ISO Certified logo

International standard for information security management systems

ISO 27001 is an international standard for information security management systems (ISMS). It provides a framework for implementing, managing, and continuously improving security practices. Organizations certified with ISO 27001 demonstrate their ability to protect sensitive data through risk assessments, structured policies, and robust control measures.

Data Privacy

Data Privacy Illustration
  • Your data privacy is of paramount importance.
    Lawyal’s systems are designed to keep your information confidential, and accessible only to authorized parties. We never share customer data with third parties without consent, and all stored information is encrypted and securely managed.
    Lawyal's Privacy Policy
  • Data Backups
    Lawyal captures backups regularly to ensure internal and customer data is protected from loss according to our Business Continuity and Disaster Recovery procedures.
  • Encryption-at-rest
    All customer data is encrypted at-rest using AES-256. Lawyal is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.
  • Encryption-in-transit
    All communication with our services is encrypted using the TLS protocol and HTTPS secure protocol, ensuring the confidentiality, integrity, and authenticity of transmitted data.
  • Physical Security
    The physical security of our infrastructure is managed by AWS. Additional Information can be found in AWS’s security documentation: https://aws.amazon.com/security/
  • Web Application firewall
    Lawyal is committed to securing online applications for continued security and availability.

Data Security

Data Security Illustration

Data Security

Data Security Illustration
  • Data Backups
    Lawyal captures backups regularly to ensure internal and customer data is protected from loss according to our Business Continuity and Disaster Recovery procedures.
  • Encryption-at-rest
    All customer data is encrypted at-rest using AES-256. Lawyal is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.
  • Encryption-in-transit
    All customer data is encrypted in-transit between Lawyal and customers and between Lawyal and service providers using TLS 1.2. Lawyal is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.
  • Physical Security
    The physical security of our infrastructure is managed by AWS. Additional Information can be found in AWS’s security documentation: https://aws.amazon.com/security/
  • Web Application firewall
    Lawyal is committed to securing online applications for continued security and availability.

Infrastructure

Infractucture Illustration
  • AWS
    Lawyal's infrastructure is hosted by AWS in multiple regions (Israel and Ireland). Additional information on AWS infrastructure security can be found at: https://aws.amazon.com/security/
  • BCP/DR
    We have a formal Business Continuity and Disaster Recovery plan, which is exercised, reviewed, and approved annually.
  • Separate environment
    At Lawyal, the production, staging, and development environments are maintained as distinct entities to safeguard operational integrity and data confidentiality.
  • EDR/XDR
    All employee endpoints are protected with an advanced EDR solution. Endpoint security signals are monitored regularly for anomalous activity.
  • SIEM
    Lawyal prioritizes the secure and centralized storage of crucial infrastructure logs. Our SIEM systems continuously monitor these logs, enabling real-time analysis to promptly detect, alert, and mitigate potential threats.
  • SOC team
    The SOC (Security Operations Center) team is responsible for 24/7/365 monitoring of the company's entire infrastructure

 Endpoint Security and Monitoring  

 Endpoint Security and Monitoring  illustration

 Endpoint Security and Monitoring  

 Endpoint Security and Monitoring  illustration
  • EDR/XDR
    All employee endpoints are protected with an advanced EDR solution. Endpoint security signals are monitored regularly for anomalous activity.
  • SIEM
    Lawyal prioritizes the secure and centralized storage of crucial infrastructure logs. Our SIEM systems continuously monitor these logs, enabling real-time analysis to promptly detect, alert, and mitigate potential threats.
  • SOC team
    The SOC (Security Operations Center) team is responsible for 24/7/365 monitoring of the company's entire infrastructure

External Controls

Based on the text "External Controls," "Annual Penetration Testing," and "Risk Assessments," here are the Alt Text options for the Magnifying Glass Icon (image_254ced.png). Best Option (SEO & Context Balanced) "Security audit icon showing a magnifying glass over a verified document, representing external risk assessments and penetration testing compliance
  • Annual Penetration Testing (PT)
    We conduct annual penetration tests performed by an external, independent cybersecurity firm. These tests identify potential vulnerabilities in our systems, ensuring our security measures remain effective and up to date. Additionally, a retest is performed to verify that all identified issues have been properly addressed and mitigated. Upon request, we provide existing customers with a detailed findings report.
  • Risk Assessments by External Experts
    We conduct regular risk assessments to identify and evaluate potential threats to our organization. These assessments are overseen by an independent third-party company specializing in risk management, ensuring unbiased and comprehensive reviews of our processes and controls.

 

For further information regarding privacy, data security and the system’s infrastructure, contact us at: security@law-yal.com

 

Last updated: 01.01.2025

Lawyal
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.