Information security is at the centre of everything we do.

LawVu is committed to maintaining a trust and compliance program that meets your organization’s needs and expectations.


We protect your data using encryption in transit and at rest using the latest industry standards.

We integrate with SAML SSO and SCIM to enforce organisation-wide access protocols including multi-factor authentication.

We undergo annual third-party penetration tests with crest-certified security firms and perform daily vulnerability scanning.


Our services are built on best-in-class technologies such as Microsoft Azure to ensure high availability and scalability on demand.

We regularly review and test our RTO and RPO metrics and we openly share our business continuity plans with our clients.

99.95% service uptime SLA.


We comply with the New Zealand Privacy Act 1993 and other applicable privacy and data protection laws when dealing with personal information.

If you are based in the EU, our GDPR addendum also forms part of our privacy policy.

We have a designated Privacy Officer and Data Protection Officer.


LawVu is ISO27001, SOC 1 and SOC2 Compliant

We maintain a compliance program that includes regular independent third-party audits to certify our products and services against ISO27001, SOC 1 and SOC 2 standards.

LawVu runs a comprehensive company-wide risk management program based around the ISO27001 controls framework.

Vendor security

Why you should insist on vendor security certification.

Company data, whether it is legally sensitive, personally identifiable or business-critical, is often the most valuable and high-risk asset of your organisation.

Request a copy of our security pack

The LawVu Security pack contains everything your organisation needs to get started on a security assestment of LawVu.