CaseBridge™ Security and Data Protection Overview

1. Where is customer data hosted?
CaseBridge™ is hosted on secure cloud infrastructure provided by Amazon Web Services (AWS). AWS maintains globally recognized security certifications and provides enterprise-grade physical and network security for all hosted systems.

2. Is customer data encrypted?
Yes. CaseBridge™ protects data through encryption in transit using HTTPS/TLS and encryption at rest within AWS storage and database services. This protects both structured data and uploaded documents.

3. Who owns the customer’s data?
Customer firms retain full ownership of all legal matter data processed through the CaseBridge™ platform. CaseBridge™ does not claim ownership of user content and does not access legal materials except where necessary to provide technical support requested by the firm.

4. Does CaseBridge™ access client matter data?
No. CaseBridge™ personnel do not access customer legal matter data except when explicitly required to diagnose a technical issue and only with the customer’s permission. Access is strictly controlled and logged.

5. How is user authentication handled?
CaseBridge™ requires authenticated user accounts for access to the platform. Security controls include secure password requirements, encrypted login sessions, and optional multi-factor authentication for enhanced account protection.

6. How are developers prevented from accessing sensitive data?
CaseBridge™ follows a least-privilege access model. Developers receive access only to the specific system components required for their assigned modules. Development environments are separated from production environments to prevent unauthorized access to customer data.

7. Does CaseBridge™ store sensitive personal identifiers?
CaseBridge™ minimizes the storage of sensitive identifiers. Certain identifiers required for bankruptcy filings (such as Social Security numbers) may be temporarily processed to generate required court forms. These values are masked within the user interface and protected through encryption and restricted access controls.

8. How is document storage secured?
Uploaded documents and generated filing packets are stored within secure AWS object storage. Storage buckets are configured as private and accessible only through authenticated application requests, preventing public access.

9. How does CaseBridge™ monitor security events?
CaseBridge™ maintains system logging and monitoring to detect unusual activity, unauthorized access attempts, and infrastructure anomalies. Security events are reviewed and investigated promptly.

10. What happens if a security incident occurs?
CaseBridge™ maintains an internal Incident Response Policy that defines procedures for identifying security incidents, isolating affected systems, investigating root causes, remediating vulnerabilities, and notifying affected users if required.

11. How long is customer data retained?
Customer data is retained only for the duration necessary to operate the platform and support the customer’s active account. Upon account termination, customers may export their data and request deletion of stored materials.

12. Does CaseBridge™ sell or share customer data?
No. CaseBridge™ does not sell, monetize, or share customer data with third parties. Customer information is used solely for operating and improving the platform.

</div>