Built for the most sensitive matters.
Your clients trust you with their most confidential information. Sqyro is engineered from the ground up to protect that trust — with per-attorney data isolation, hash-chained audit logs, and SOC 2 Type II compliance.
Enterprise-grade protection
Security isn't a feature we bolted on. It's the foundation every line of code is built upon.
Per-Attorney Data Isolation
Every query is scoped to your firm through 299+ row-level security policies enforced at the database layer. Your clients’ data is never visible to other attorneys — not even to us.
Zero Training on Your Data
We never use your inputs, outputs, documents, or conversations to train AI models. Your data stays yours. Period. This is a contractual guarantee, not just a policy.
Hash-Chained Audit Log
Every state change is recorded in an append-only, SHA-256 hash-chained audit log. Each entry is cryptographically linked to the previous one — any tampering is immediately detectable.
Multi-Factor Authentication
TOTP-based two-factor authentication for all email/password accounts. OAuth users (Google, Microsoft) inherit their provider’s strong authentication. MFA enforcement is SOC 2 CC6.1 compliant.
API Key Security
API keys are SHA-256 hashed before storage — we never store plaintext keys. Each key supports granular scoping, expiration dates, and constant-time comparison to prevent timing attacks.
Webhook & Integration Security
All webhooks are HMAC-SHA256 signed for authenticity. SSRF protection validates URLs at both registration and delivery, blocking private IP ranges, loopback addresses, and DNS rebinding.
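An added example, not Sqyro's code, of the check described above: vet a webhook URL's resolved addresses at registration and again at delivery so a DNS answer that changes in between is caught. The function names, the https-only rule, the injected resolver and the sample addresses are assumptions made for this sketch.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def resolve(host, port):
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def is_public(ip_text):
    ip = ipaddress.ip_address(ip_text.split("%")[0])  # drop IPv6 zone id
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 must be judged as 127.0.0.1
    # is_global is False for private, loopback, link-local and reserved ranges.
    return ip.is_global and not ip.is_multicast


def vet_webhook_url(url, resolver=resolve):
    """Return the vetted IPs for url, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:  # https-only is an assumption
        raise ValueError("webhook URL must be https with a host")
    ips = resolver(parts.hostname, parts.port or 443)
    # Reject if ANY answer is internal, not just the first one returned.
    if not ips or not all(is_public(ip) for ip in ips):
        raise ValueError("host resolves to a non-public address")
    return ips


class RebindingResolver:
    """Constructed DNS stand-in: public on first lookup, loopback afterwards."""

    def __init__(self):
        self.calls = 0

    def __call__(self, host, port):
        self.calls += 1
        return ["93.184.216.34"] if self.calls == 1 else ["127.0.0.1"]


def register_then_deliver(url, resolver):
    """Vet at registration and again at delivery, as the page describes."""
    registered = vet_webhook_url(url, resolver)
    try:
        pinned = vet_webhook_url(url, resolver)  # delivery-time re-check
    except ValueError as exc:
        return registered, f"delivery blocked: {exc}"
    return registered, f"deliver to {pinned[0]}"  # connect to the vetted IP, not the name
```

The delivery-time check only holds if the HTTP client then connects to the vetted address rather than resolving the hostname a third time.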
How we protect attorney-client privilege
Attorney-client privilege isn't just a legal concept — it's an architectural requirement. Every layer of Sqyro enforces strict data boundaries.
Row-Level Security (RLS)
Every database table has RLS enabled with policies that scope queries to the authenticated attorney's lawyer_id. This is enforced at the PostgreSQL layer — even if application code has a bug, the database itself prevents cross-attorney data access. 299+ policies cover every table.
Firm Staff Isolation
Staff members (paralegals, associates) are scoped to their attorney's data through a dedicated identity resolution function. Staff can only access conversations they participate in — they cannot see the attorney's private notes or other staff's conversations.
Confidentiality Gating
Referral details (client names, adverse parties) are hidden until the receiving attorney acknowledges confidentiality obligations under Model Rules 1.6(c) and 1.18. Every acknowledgment is recorded with IP address, user-agent, and timestamp.
AI Context Boundaries
The AI assistant only receives context from the authenticated attorney's own clients, matters, and documents. PII detection scans all AI-generated content before storage. Shared knowledge contributions are anonymized and PII-stripped before entering the community pool.
Security at every layer
Compliance & certifications
Sqyro is built to meet the regulatory requirements of the legal profession.
SOC 2 Type II
Security (CC1–CC9) and Confidentiality (C1) controls independently verified.
ABA Model Rules
Rules 1.6(c), 1.18, 5.4 compliance. Fee calculations never use billing amounts or case values.
ESIGN Compliant
Engagement letter signatures capture typed name, consent, IP, user-agent, and SHA-256 hash chain.
Audit Trail
Append-only, hash-chained audit log on every state change. Cryptographic tamper detection.
Security FAQ
No. We never use your inputs, outputs, documents, or conversations to train any AI model. Your data is used exclusively to serve your requests and is never shared with model providers for training purposes. This is a contractual guarantee.
Every database table has row-level security (RLS) policies enforced at the PostgreSQL layer. All queries are automatically scoped to your authenticated identity through a SECURITY DEFINER function. Even if application code had a bug, the database itself prevents cross-attorney data access. We maintain 299+ RLS policies covering every table.
No. Staff members (paralegals, associates) are scoped through a dedicated identity resolution system. They can only access data under your firm and can only see conversations they participate in. Your private notes and other staff members’ conversations are not visible to them.
When you receive a referral, client names and adverse party information are hidden behind a confidentiality gate. You must acknowledge your obligations under Model Rules 1.6(c) and 1.18 before viewing sensitive details. Every acknowledgment is recorded with your IP address, user-agent, and timestamp for audit purposes.
All data is encrypted at rest using AES-256 and in transit using TLS 1.3 with HSTS preloading. API keys are SHA-256 hashed before storage — we never store plaintext keys. Webhook signatures use HMAC-SHA256, and engagement letter signatures are protected by SHA-256 hash chains.
Our audit log is append-only and hash-chained. Each entry includes a SHA-256 hash computed from the previous entry’s hash combined with the current event data. This creates a cryptographic chain — modifying any historical entry would break the chain and be immediately detectable.
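The chaining described here and in the "Hash-Chained Audit Log" section above, as an added example that is not Sqyro's implementation: each entry's SHA-256 hash covers the previous entry's hash plus the current event, and a verifier walks the chain. The field names, the JSON canonicalization, the all-zero genesis value and the sample events are assumptions.

```python
import hashlib
import json
from typing import Optional

GENESIS = "0" * 64  # assumed value chained into the first entry


def entry_hash(prev_hash: str, event: dict) -> str:
    # Canonical JSON (sorted keys, fixed separators) so an event always
    # serializes to the same bytes; prev_hash is fixed-length hex, so the
    # concatenation is unambiguous.
    payload = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append(log: list, event: dict) -> str:
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"event": event, "prev_hash": prev, "hash": entry_hash(prev, event)})
    return log[-1]["hash"]  # new head; keep a copy outside the log


def verify(log: list, expected_head: Optional[str] = None) -> Optional[int]:
    """Return None if intact, else the index of the first bad entry
    (len(log) when only the externally stored head hash disagrees)."""
    prev = GENESIS
    for i, row in enumerate(log):
        if row["prev_hash"] != prev or row["hash"] != entry_hash(prev, row["event"]):
            return i
        prev = row["hash"]
    if expected_head is not None and prev != expected_head:
        return len(log)
    return None


def build_sample_log():
    # Constructed sample events, not real audit data.
    log, head = [], GENESIS
    for event in (
        {"actor": "attorney-1", "action": "matter.create", "id": 101},
        {"actor": "staff-7", "action": "document.upload", "id": 555},
        {"actor": "attorney-1", "action": "referral.ack", "id": 9},
    ):
        head = append(log, event)
    return log, head
```

An in-place edit fails at the edited entry, while a log truncated from the tail or rewritten and re-hashed end to end still verifies internally; those cases are caught only by comparing against a head hash kept outside the log.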
Sqyro has a Redis-backed maintenance mode that can instantly gate all traffic, returning 503 responses for API routes and a maintenance page for users. IP allowlists let authorized personnel access the system during incidents. The system is designed to fail-open for availability — if maintenance checks fail, the app stays up.
Yes. We run Gitleaks on every commit to detect leaked credentials (Stripe keys, API tokens, AWS keys). Our PII detector scans AI-generated content for 8 pattern types including SSNs, A-Numbers, phone numbers, emails, case numbers, dates of birth, passport numbers, and driver’s license numbers. Sentry session replay masks all text and form inputs.
SOC 2 Type II (Security CC1–CC9 and Confidentiality C1), ABA Model Rules (1.6(c), 1.18, 5.4), and ESIGN Act for electronic signatures. Our referral matching engine is specifically designed to comply with Model Rule 5.4 — scoring never considers billing amounts, case values, referral fee percentages, or client wealth.
Your data is hosted on Supabase’s managed PostgreSQL infrastructure in the US East region (North Virginia). All infrastructure runs on SOC 2 compliant cloud providers with bank-level encryption.
Your clients' trust is non-negotiable.
Start with Sqyro free. SOC 2 compliance included on every plan.