Pincites Security

We understand the importance of security, privacy, and control to your legal team’s success. Safeguarding your data is our highest priority. This page describes some of the measures we take to ensure security for all our customers.

For security inquiries please contact us at security@pincites.com. To report a vulnerability, please see our vulnerability disclosure policy.

Compliant with

SOC 2 Type II
GDPR
CCPA
Zero Data Retention (ZDR) from model providers
No data you upload to or output from the product is ever used for training AI models
State-of-the-art encryption
All data is encrypted in transit and stored with AES-256 and TLS 1.3 encryption
Industry leading certification
Pincites adheres to the highest security standards with SOC 2, GDPR, and CCPA

Data Encryption & Infrastructure

  • Our data is hosted in the USA on Google Cloud Platform (GCP)
  • We encrypt all user data at rest (AES-256) and in transit (TLS 1.2+)
  • Within GCP, our virtual private cloud is protected by firewalls and monitored by an intrusion detection system

Application Security

  • We scan all code changes for vulnerabilities and exposed credentials
  • We block deployment of code that does not pass security checks
  • We apply dependency updates daily

Organization Security

  • We use Single Sign-On (SSO) and Multi-Factor Authentication (MFA) for all business-critical applications, including any with access to your data
  • We assess all vendors using a vendor risk management framework
  • We perform background checks on all our employees and contractors
  • We run annual security training

Testing & Auditing

  • We conduct annual penetration testing
  • We are SOC 2 Type II compliant
Pincites - AI contract review for busy legal teams