Security
Parachute takes the security of your legal data seriously. Here’s an overview of how we protect your information.
Data handling
- Encryption in transit - all data is encrypted using TLS during transmission
- Isolated environments - each organisation’s data is logically isolated from other organisations
- Access controls - role-based permissions ensure team members only access what they need
AI data usage
- Your documents and knowledge base content are used only to generate responses for your organisation
- Parachute does not use your data to train AI models
- AI interactions are processed securely and not shared across organisations
Infrastructure
Parachute is hosted on secure cloud infrastructure with:
- Regular security updates and patching
- Automated backups
- Monitoring and alerting for suspicious activity
Certifications and audits
- ISO 27001 - certification is underway. Our Stage 1 audit is complete, with the Stage 2 certification audit scheduled. We will publish our certificate on the security page once Stage 2 is complete.
- SOC 2 - our security practices are aligned with SOC 2 controls covering security, availability, and confidentiality.
Vulnerability disclosure
We welcome security researchers to help us identify and fix vulnerabilities. See our vulnerability disclosure policy for details on how to report issues responsibly.
Full security details
For comprehensive information about our security practices, certifications, and data processing policies, visit our security page at goparachute.ai/security.
Questions
If you have specific security questions, contact us at security@goparachute.ai.
Next steps
- Team management - roles and access controls
- Knowledge base - how your data powers AI responses
- Vulnerability disclosure policy - report security issues
Was this page helpful?