Lupl Trust Center
See why Lupl is trusted by law firms and legal departments all over the world.
Our Commitments to You
- Security: Sector-grade security.
- Compliance: Specifically designed for industry needs.
- Transparency: Absolute transparency.
- Continuous Improvement: We will continue to innovate to protect your data.
Latest Insights
Security Spotlight: The Importance of SOC 2 Certification in Legal Tech Vendors
In an increasingly digital world, data security is more critical than ever. Especially when it…
Lupl Achieves ISO 27001 and SOC 2 Type 2 Security Certifications
For legal services providers, data security is not just a preference-it’s a requirement. We are…
Why Lupl Chose to Pursue SOC 2 Compliance in its First Year
We are excited to announce that Lupl recently completed its SOC 2 Type I audit…
What We Do
Security
Lupl and its partners put themselves through rigorous independent security certifications.
Compliance
Lupl meets stringent privacy and security regulations in all the markets in which it operates.
Transparency
Whether it’s transparency on where your data is stored or how it will be protected, we uphold the principle of transparency in all our compliance practices.
Continuous Improvement
We regularly test our security and compliance controls, working with independent third parties.
How We Do It
Before Lupl even launched in beta, it undertook security assessments for three of the world’s largest law firms. It is therefore no surprise that everything we do has security and compliance at its core. Here are just some examples:
Sector-Grade Encryption
Lupl applies encryption in-transit and at-rest using industry best practices (such as HTTPS and TLS) to ensure your data is stored and transmitted securely.
24/7/365 Security Operations Center
Lupl operates a 24/7/365 SOC with real-time reporting of incidents and potential incidents – if there were even the slightest sign of suspicious activity, our team is on the case.
Regular Penetration Testing
Lupl undergoes regular penetration testing to ensure that any vulnerabilities are identified and mitigated without the confidentiality, integrity or availability of data being impacted.
Stringent Personnel Measures
All personnel are subject to background checks, binding legal obligations, and regular, intensive security and privacy training.
Privacy & Security by Design
We bake privacy and security by design into everything we do. Whether it’s the design of our UI, which ensures our users always know who will see what they write and share, or our access control systems, security and privacy are the first step of every project we undertake.
International Standards
Lupl already has its SOC 2 Type 1 & Type 2 and ISO/IEC 27001 certifications, and all controls are aligned with these standards.
Proven Track Record
Trusted Everywhere
Lupl is trusted and used by law firms, legal departments and the public sector across the Americas, EMEA and Asia-Pacific and Africa.
We securely bring the global legal community together, allowing lawyers to grow their practice all over the world.
Our Security Standard
Secure Cloud Infrastructure
Lupl leverages Microsoft cloud services – the industry gold standard for security and compliance.
No other cloud services provider offers the same level of assurance for the legal industry – and we’ve seen them all.
The datacenters and operations used to deliver the Lupl platform have earned and maintain an extensive list of certifications necessary to deliver some of the world’s most demanding and sensitive enterprise applications. The list includes:
- CIS benchmark (secure configuration standards and compliance monitoring)
- CSA STAR (Attestation, Certification, Assessments)
- GDPR
- ISO 20000-1
- ISO 22301
- ISO 27001
- ISO 27017
- ISO 27018
- ISO 27701
- ISO 9001
- SOC 1
- SOC 2
- SOC 3
- WCAG
Request Our Security Pack.
Assessing Lupl for your organization? Request a copy of our Security Pack. It includes:
- Information about Lupl
- White Paper – Privacy & Security in Lupl
- Certifications
- Third-Party Reports
- Overview of Lupl Policies
An NDA may be required.