Security your clients
can trust
Built from day one to meet the strictest security and compliance standards in the legal industry. Your data is protected at every layer.
SOC 2 Type II in progress
Pursuing independently audited controls for security, availability, and confidentiality.
Professional Responsibility
Built to support attorneys' professional-responsibility obligations — confidentiality, competence, and citation accuracy.
Privacy by Design
Your data is never used to train AI models. Firm data stays isolated per firm and is never shared with other clients.
CCPA / CPRA Rights Honored
Access, deletion, and opt-out of sale/sharing — privacy requests via [email protected].
Enterprise-grade security features
Every layer of Mylo Prime is designed to keep your firm's data safe, private, and compliant.
Encryption in Transit and at Rest
All data encrypted in transit with TLS 1.2+ and at rest with AES-256. No plaintext storage of sensitive client information.
Attorney-Client Privilege Protection
Mylo AI never trains on privileged communications. Firm data is isolated, never shared, and never used to improve models for other clients.
Role-Based Access Control
Granular permissions for partners, associates, paralegals, and staff. Control who sees what — down to individual matters and documents.
Audit Logging
Audit logging of key financial, security, and data-mutation events — so you can see who accessed, modified, or exported sensitive records, with timestamps.
US Data Hosting
Your data is hosted in US data centers on Google Cloud, with per-firm data isolation enforced at the database layer (row-level security).
Automated Backups
Automated backups with point-in-time recovery on managed Google Cloud infrastructure, so your data can be restored if something goes wrong.
SSO & MFA
SSO via Google, plus multi-factor authentication (authenticator app and SMS one-time codes). SAML on the roadmap.
Security Testing
Internal security testing today, with independent third-party penetration testing planned annually. Responsible disclosure and rapid patching for any identified issues.
Your data. Your control. Always.
We believe transparency builds trust. Review our security practices in detail or request a personalized security review for your firm.