Security Statement
Our approach to data protection and security controls.
1. Overview
We implement layered administrative, technical, and physical safeguards to protect client information.
2. Administrative Controls
- Access control based on role and least privilege
- Employee confidentiality and security awareness training
- Vendor due diligence and confidentiality commitments
3. Technical Controls
- Encryption in transit (HTTPS/TLS) and at rest where applicable
- Network segmentation and hardened configurations
- Security monitoring and vulnerability management
4. Data Residency
We support data residency in US, UK, or EU regions. Systems are configured to store and process client data in the agreed region and are validated during onboarding and periodically thereafter.
5. Physical Controls
- Secure office access and visitor management
- Device management with screen lock and encryption
6. Incident Response
We maintain an incident response procedure for timely detection, containment, and notification as required by law.
7. Contact
Report security concerns to security@lexocrates.com.
Last updated: 2024-08-01