Trust Center

Combined Shape

Security at our Core

Enterprise-Grade Safeguards for Modern Legal Teams

Where is the data in KLERQ stored?

The KLERQ platform run from KLERQ’s multi-tenant environment hosted on the Microsoft Azure data centre in Amsterdam, The Netherlands, with a fallback to Dublin, Ireland.

For additional control, a KLERQ private-tenant setup can be hosted in the Microsoft Azure data centre of your choice.

What type of data is stored in KLERQ?

KLERQ stores commercial data relevant to law firm marketing and business development activities. This includes information about clients, matters, contacts, lawyer biographies, practice areas, pitches, submissions, public recognitions (such as rankings or testimonials), and related documents. All data is stored securely within the EEA, and access is role-based and fully auditable. Sensitive or confidential information is only included when intentionally entered by the client. 

 

 

 
Vraag ChatGPT

How is the data protected in KLERQ?

All data is encrypted in transit using TLS 1.2+ and encrypted at rest using AES-256 standards. This ensures your data is secure while being transferred and while stored.

Who can access the data?

Access to client environments is strictly limited to authorized personnel and only upon explicit client request, for example during onboarding or support. All access is fully logged and auditable. Role-based access control ensures that only the right people can view or edit sensitive information.

What backup and recovery options are in place?

We perform automated daily backups with a retention period of 30 days. In case of data loss or incident, our recovery process ensures minimal downtime and preserves data integrity.

Which third parties help power the platform?

We proactively limit the number of third parties involved in running KLERQ to ensure control, security, and compliance. Our core infrastructure is hosted on Microsoft Azure, and we use Sentry for error monitoring and HubSpot for CRM and customer support.

All subprocessors are carefully vetted for their security and privacy policies, and all data is stored exclusively within the European Economic Area (EEA). A full and up-to-date list of subprocessors is available below.

Does KLERQ support SSO and MFA?

Yes, KLERQ supports Single Sign-On (SSO) for clients and can integrate with your existing identity provider, including Microsoft (Outlook) and Google Workspace.

We also support Multi-Factor Authentication (MFA) through the Microsoft Azure platform and Authenticator app. MFA can be enabled upon request to provide an additional layer of security.

Do you use AI, and how is it secured?

Yes. KLERQ uses OpenAI’s GPT-4o model via Azure OpenAI, deployed privately within Microsoft’s secure West-Europe (Netherlands) environment. The model runs entirely within our own Azure infrastructure, prompts are never sent to public endpoints or external providers.

All communication between our application and the AI model is encrypted (HTTPS) and access is strictly limited to verified services using Azure’s identity and access controls.

No data is used for training. Interactions are not stored or accessible, and logging is limited to technical metrics (e.g. latency, error rates). To mitigate risks like data leakage or prompt injection, KLERQ applies strict prompt validation and uses AI only within well-defined features, never for autonomous decisions.

Our policies

We make our policies as clear, fair, and readable as possible.

Cyber Security Policy

The KLERQ Cyber Security Policy,  establishes robust measures and responsibilities to protect information assets and client data, ensuring compliance with GDPR and mitigating cybersecurity risks across all departments and services. Managed by our technology department.

 
 

Data Processing (DPA)

The KLERQ Data Processing Agreement, outlines how we process personal data in compliance with the GDPR, ensuring robust protection and control for our users. This agreement, integral to our services, governs data interactions between KLERQ, and our clients as Data Controllers.

 
 

Terms of Use

The KLERQ SaaS Terms of Use, establish the conditions under which users can access and utilize KLERQ’s software services. This comprehensive agreement covers licensing, user responsibilities, and service provisions.

 
 

Data Transfer Impact

At KLERQ, we’ve developed a document to assess the impact of data transfers to U.S. providers (currently: PostMark) following the “Schrems II” ruling, detailing our thorough approach to upholding EU data protection standards.
 
 

Privacy Policy

This privacy statement informs you of the processing of your data by KLERQ via this website. We will solely process your data by the applicable regulations on data processing, such as the General Data Protection Regulation and the Dutch Telecommunications Act.

 
 

List of Subcontractors

Subcontractors that we engage with to support the delivery of our services. Each subcontractor is carefully selected based on expertise, reliability, and compliance with our quality and data protection standards.