Your data, secure and protected
From encryption to access controls, every part of GitLaw is built to keep your contracts safe and your data private.
Your data, secure and protected
From encryption to access controls, every part of GitLaw is built to keep your contracts safe and your data private.
Security at a Glance
Enterprise-grade encryption
AES-256 at rest, TLS 1.2+ in transit
Role-based access control
MFA supported, granular permissions
SOC 2 Type 2, GDPR
Certified and independently audited
Google Cloud infrastructure
Hosted on trusted, enterprise-grade cloud
AI privacy
No third-party model training, zero data retention with our AI provider
Published subprocessors
Full list available, 30 days' notice on changes
Continuous monitoring
Automated compliance tracking via Sprinto
Incident response
GDPR-aligned breach notification policy
Security built in, not bolted on
Trust, independently verified
Our security is independently verified, not self-assessed. A third party checks our practices so you don't have to.
- •SOC 2 Type 2 certified
- •30+ published security policies
- •Independently audited
Enterprise-grade encryption
Your files are encrypted and unreachable to anyone who shouldn't have access, stored and in transit.
- •AES-256 encryption at rest
- •TLS 1.2+ encryption in transit
- •Google Cloud hosted
Control who sees what
You control exactly who in your team can access what. Your drafts and conversations are never visible to counterparties.
- •Private by default
- •Multi-factor authentication supported
- •Role-based access control
Smart AI. Strict boundaries
When GitLaw's AI reads your contract, your content is never stored or used to train external AI models.
- •No third-party model training
- •AI features are fully optional
SOC 2 Type 2 Certified
GDPR Compliant
AES-256 Encryption at Rest
TLS 1.2+ Encryption in Transit
Google Cloud Hosted
