Legal

Security

Last updated: November 25, 2025

Your legal workflows and sensitive data are protected through diligence, control, and layered technical safeguards.

Dedicated Infrastructure

Private, dedicated server environment ensuring your data is isolated from other clients and public internet traffic.

Robust Encryption

Industry-standard encryption safeguarding data at rest and in transit, including workflow credentials.

Strict Access Control

Access restricted using cryptographic keys and Multi-Factor Authentication (MFA) for all critical accounts.

Redundant Backups

Critical system data is encrypted and securely archived daily to an off-site storage vault for continuity.

1. Dedicated & Managed Infrastructure

Our workflows run on a private, dedicated server environment, ensuring your data is isolated from other clients and public internet traffic.

  • Robust Encryption: All data, including workflow credentials and sensitive client information, is protected with industry-standard encryption standards, safeguarding data at rest and in transit.
  • Platform Stability: The infrastructure is professionally managed and benefits from the physical and network security standards of our chosen VPS provider. We perform regular vulnerability scanning and patching to maintain system integrity.

2. Strict Access Control

Access to both the application and the underlying server is severely restricted using multiple authentication steps.

  • Server Access (SSH): Access to the VPS is secured using cryptographic keys and is restricted to pre-authorized personnel. We enforce Multi-Factor Authentication (MFA) for all critical administrative accounts.
  • Application Access (n8n): All users accessing the workflow application must utilize Multi-Factor Authentication (MFA).
  • Audit Logging: All user activities, changes, and workflow executions are meticulously logged and retained, providing a clear audit trail for compliance and review.

3. Data Protection and Continuity

We ensure your automated processes are resilient and your data is recoverable under any circumstance.

  • Redundant Backups: Critical system data and workflow configurations are encrypted on our server and then securely archived daily to an off-site storage vault.
  • Confidentiality by Design: Our workflows are designed following the principle of data minimization—we only process and store the necessary data required to execute your legal tasks, limiting exposure.

4. Alignment with Legal Standards & Reporting

We ensure your automated processes are resilient and your data is recoverable under any circumstance.

  • Regulatory Alignment: Our security controls and data handling procedures are built to align with the core principles of data protection regulations (like GDPR and HIPAA), focusing on confidentiality and data integrity.
  • Custom Compliance: If you have specific regulatory requirements, we work directly with your compliance team to ensure our workflows adhere to your established protocols.

Report a Security Issue

If you discover a security vulnerability, please report it responsibly to security@praxisflow.com. We appreciate your help in keeping PraxisFlow secure.