Enterprise-grade security for your contracts.
LAA is built on Google Cloud Platform with security designed for sensitive legal documents from day one.
Built on Google Cloud Platform.
LAA runs on GCP's enterprise infrastructure with SOC 2, ISO 27001, and other certifications.
Cloud Run
Serverless container execution with automatic scaling, zero-trust networking, and full isolation between requests.
Cloud Storage & Firestore
Documents stored in Cloud Storage with configurable retention. Metadata in Firestore with automatic backups.
Global load balancing
Google's global network with DDoS protection, SSL termination, and edge caching for static assets.
Your data stays yours.
Clear data handling policies with tenant isolation and configurable retention.
Encryption
- • Data encrypted at rest (AES-256)
- • Data encrypted in transit (TLS 1.3)
- • Customer-managed encryption keys available (CMEK)
Tenant isolation
- • Data stored under tenant-specific paths
- • No cross-tenant data access
- • Tenant-scoped API authentication
Data retention
- • Configurable retention periods
- • Automatic deletion after retention window
- • Data export available on request
LLM data handling
- • No document data used for model training
- • API calls to Groq/Google with enterprise agreements
- • Document content not persisted by LLM providers
Working toward enterprise compliance.
DiffAnalytics is building toward SOC 2 Type II certification and other enterprise compliance requirements.
SOC 2 Type II
In progress
GDPR
DPA available, data residency options
GCP certifications
SOC 1/2/3, ISO 27001, FedRAMP (via GCP)
Security questions
Need security documentation?
Contact us for our security whitepaper, penetration test results, or to discuss your specific compliance requirements.