Security

Your data security is our priority

LawCentral is built with security at its core. We understand the sensitive nature of legal data and have implemented comprehensive measures to protect your information.

Encryption in Transit

All data transmitted between your device and our servers is encrypted using TLS 1.3, the latest and most secure transport protocol.

Encryption at Rest

All stored data is encrypted using AES-256 encryption. Your case files, documents, and personal information are protected even in storage.

Multi-Factor Authentication

Sign in securely with Google OAuth 2.0, which supports two-step verification, security keys, and advanced account protection.

Secure Infrastructure

Hosted on Amazon Web Services (AWS), which maintains SOC 2, ISO 27001, and other industry-leading security certifications.

Access Controls

Role-based access control ensures users can only access data they're authorized to see. Administrative actions are logged and monitored.

Regular Backups

Automated daily backups ensure your data is protected against loss. Backups are encrypted and stored in geographically separate locations.

24/7 Monitoring

Our systems are continuously monitored for security threats, performance issues, and unusual activity. Alerts are investigated immediately.

Audit Logging

All access and modifications to your data are logged. Complete audit trails help maintain accountability and support compliance requirements.

Compliance & Standards

Data Protection

  • DPDP Act 2023 & IT Act 2000 compliant data handling
  • Data Processing Agreements with all vendors
  • Right to access, correct, and delete your data
  • Data export in portable formats

Infrastructure Security

  • AWS SOC 2 certified infrastructure
  • Regular security assessments
  • Vulnerability scanning and patching
  • Incident response procedures

Our Data Practices

We never sell your data

Your information is never sold to third parties. We only use your data to provide and improve our services.

Minimal data collection

We only collect information necessary to provide our services. We don't track you across the web.

You control your data

Export your data anytime. Request deletion and we'll remove your information within 30 days.

Data Processing & Legal Compliance

LawCentral is operated by Partwigo Pvt. Ltd., India. We take our obligations under Indian data protection law seriously.

IT Act, 2000 Compliance

  • Reasonable security practices per Section 43A
  • Sensitive personal data handled per Rule 3 of SPDI Rules
  • Grievance officer available for data concerns

DPDP Act, 2023 Readiness

  • Consent-based data collection
  • Purpose limitation — data used only for stated purposes
  • Right to erasure and data portability
  • Data Processing Agreement available for enterprise clients

For a Data Processing Agreement (DPA) or to discuss enterprise data handling requirements, contact us at partwigolabs@gmail.com.

Security questions?

If you have questions about our security practices or want to report a vulnerability, please reach out to our security team.

security@lawcentral.aiPrivacy Policy