Pincites Security

We understand the importance of security, privacy, and control to your legal team’s success. Safeguarding your data is our highest priority. This page describes some of the measures we take to ensure security for all our customers.

For security inquiries please contact us at security@pincites.com. To report a vulnerability, please see our vulnerability disclosure policy.

Compliant with

SOC 2 Type II

GDPR

CCPA

No AI model training

No data you upload to or output from the product is ever used for training AI models

State-of-the-art encryption

All data is encrypted in transit and stored with AES-256 and TLS 1.3 encryption

Industry leading certification

Pincites adheres to the highest security standrds with SOC 2, GDPR, and CCPA

Data Encryption & Infrastructure

Our data is hosted in the USA on Google Cloud Platform (GCP)
We encrypt all user data at rest (AES-256) and in transit (TLS 1.2+)
Within GCP, our virtual private cloud is protected by firewalls and monitored by an intrusion detection system

Application Security

We scan all code changes for vulnerabilities and exposed credentials
We block deployment of code that does not pass security checks
We apply dependency updates daily

Organization Security

We use Single Sign-On (SSO) and Multi-Factor Authentication (MFA) for all business-critical applications, including any with access to your data
We assess all vendors using a vendor risk management framework
We perform background checks on all our employees and contractors
We run annual security training

Testing & Auditing

We conduct annual penetration testing
We are SOC 2 Type II compliant