Security
Security isn't optional. We architected for it.
Built by Lawyers with Security in Mind
Every document, conversation, and action on Iqidis is protected by enterprise-grade security. Data is encrypted in transit and at rest, tenant-isolated, and never used to train models. Ephemeral AI processing ensures information lives only during your session — never beyond your control.
To maintain the highest standards, we partner with Guidepost Solutions for compliance and AI risk oversight, and Sprinto for ISO 27001 and SOC 2 automation. Together, these safeguards ensure Iqidis is continuously monitored, audited, and aligned with the strictest security and confidentiality standards
Certifications & Standards
SOC 2
ISO 27001
GDPR-Aligned
CCPA-Ready
You own your data. We process it under your control.
No Training
Customer Content is never used to train any model.
Deletion on Demand
Customers can delete data at any time, and all content is deleted or returned within 30 days of contract termination.
No Retention
Third-party model calls are stateless; vendor caching is disabled.
Exportability
Content can be exported in standard formats (Word or PDF) at any time.
Our Security Architecture
Built for legal confidentiality.
Tenant Isolation
Every organization is hard-isolated. Workspaces and matters are segregated containers, never co-mingled or pooled.
Role-Based Access
Access follows least-privilege. Roles (Org Admin, Matter Owner, Contributor) are rolling out in phases to enforce granular control.
Architecture Before AI
Retrieval-augmented generation, OCR, and a matter-centric Knowledge Graph provide context first. AI models are invoked only for narrow inference, with no training, caching, or retention.
Confidential by Design
Processing is stateless, ephemeral, and containerized. No Customer Content is ever used for model training.
Plain-English commitments with enterprise-grade protections.
Subprocessors
Terms of Service
Privacy & Data Policy
Disclaimer
Acceptable Use Policy
Cookie Policy