Infrastructure

Data Security

Our security architecture is designed to exceed the standards of top-tier global banking institutions.

Encryption at Rest & Transit

All data is encrypted using AES-256 for data at rest and TLS 1.3 for data in transit. We employ envelope encryption with rotating keys managed by AWS KMS.

SOC2 Type II Compliant

BlackLetter undergoes annual third-party audits. Our controls covering security, availability, and confidentiality are rigorously tested and verified.

Sovereign Infrastructure

Clients can choose regional data residency. Your legal data never leaves your chosen jurisdiction without explicit authorization.

Granular Access Control

Role-Based Access Control (RBAC) allows you to define permissions at the document, clause, or comment level. Complete audit logs track every interaction.