Pincites Security

We understand the importance of security, privacy, and control to your legal team’s success. Safeguarding your data is our highest priority. This page describes some of the measures we take to ensure security for all our customers.

For security inquiries please contact us at security@pincites.com. To report a vulnerability, please see our vulnerability disclosure policy.

Data Encryption & Infrastructure

• Our data is hosted in the USA on Google Cloud Platform (GCP)
• We encrypt all user data at rest (AES-256) and in transit (TLS 1.2+)
• Within GCP, our virtual private cloud is protected by firewalls and monitored by an intrusion detection system

Application Security

• We scan all code changes for vulnerabilities and exposed credentials
• We block deployment of code that does not pass security checks
• We apply dependency updates daily

Organization Security

• We use Single Sign-On (SSO) and Multi-Factor Authentication (MFA) for all business-critical applications, including any with access to your data
• We assess all vendors using a vendor risk management framework
• We perform background checks on all our employees and contractors
• We run annual security training

Testing & Auditing

• We conduct annual penetration testing
• We are SOC 2 Type II compliant