Trust and Security Centre

Security is at the heart of everything we do.

Enterprise grade security & hosting trusted by the worlds largest law firms, legal teams and corporates.

With a proactive, security-by-design approach, we align with global regulations like GDPR and CCPA, safeguarding data while delivering a reliable and trustworthy service. Autologyx is designed to support organisations operating in regulated environments. We apply a defence-in-depth approach to security, combining technical, organisational, and contractual controls to protect customer data and ensure the availability and integrity of the platform.

Certifications & Complaince

Industry leading governance guides our development, hosting and company policies.

Autologyx certifies its security and risk management practices with recognised industry standards, including:

ISO 27001 & SOC II.
Secure software development cycles
Regular risk assessments and internal control reviews.

Where appropriate, independent security testing and assurance activities are conducted. Evidence can be shared with customers under NDA on request.

Data Protection, Privacy & GDPR

Autologyx supports compliance with the UK GDPR & EU GDPR

Autologyx acts as a data processor, processing personal data only on documented customer instructions. Customers retain full ownership and control of their data at all times.
We support customer data protection obligations by enabling:

Secure processing of personal data for defined and documented purposes
Access, correction, deletion, and export of personal data
Appropriate technical and organisational measures to protect personal data throughout its lifecycle

A Data Processing Addendum (DPA) is available as part of our standard contractual arrangements.

Data hosting & Residency

Autologyx is hosted on secure, enterprise-grade cloud infrastructure using leading cloud service providers.

Customer data is hosted in either the UK, US or EU data centres, depending on deployment configuration and customer requirements. Data is logically segregated between customers and protected using industry-standard encryption technologies.

Operational resilience is supported through backup and disaster recovery arrangements designed to maintain platform availability and integrity.

Technical & Organisational Security Controls

Security is at the heart of everything we do.

Autologyx implements layered security controls across the platform and organisation, including:

Encryption of data in transit and at rest
Role-based access controls and least-privilege access principles
Strong authentication mechanisms
Audit logging of system, adminisitrative & user activity
Continuous monitoring and vulnerability management processes
Secure onboarding, training and access management for personnel

These controls are designed to meetthe expectations of customers subject to internal risk, compliance and audit requirements.

Customer Assurance & further Information

Do you need additional information to support internal risk, procurement or compliance reviews?

We recognise you might need further information. The following requests & information are welcome and available upon request:

Security and compliance questionnaires
Data processing addendum (DPA)
Supporting security and assurance documentation