For the Most Sensitive Work
Sandstone keeps your work safe with world-class security and data privacy measures. Our platform ensures protection through enterprise-grade controls, rigorous compliance, and privacy-first architecture.
Protection
Enterprise-Grade Security
Built from the ground up with security as a core principle, not an afterthought.
Dedicated Security Expertise
In-house security team spanning infrastructure, product, and operations with 24/7 monitoring and incident response capabilities.
Data Control and Portability
You retain full control over your data with customizable retention policies and complete data portability. All data is hosted securely in the United States.
No Model Training on Your Data
Contractual guarantee that your data is never used for AI model training or improvement. Your data remains exclusively yours.
Enterprise-Grade Features
SAML SSO, comprehensive audit logs, role-based access control, and full user lifecycle management.
Enforceable Commitments
Binding security addendum aligned with SOC 2 standards. Clear contractual obligations you can rely on.
Independently Tested
Regular third-party security audits and penetration testing from leading security firms to validate our controls.
Our Philosophy
Security is Fundamental to Everything We Do
We built Sandstone with a security-first mindset from day one. Our comprehensive, multi-layered approach to data protection combines cutting-edge technology with rigorous protocols. We continuously test our systems and monitor for threats to ensure your most sensitive legal matters remain protected.
FAQ
Frequently Asked Questions
Common questions about our security practices and data protection.
Customer data includes all information you upload, create, or process through Sandstone's platform. This encompasses documents, contracts, communications, metadata, and any other content you provide. We treat all customer data with the highest level of confidentiality and protection.
We employ multiple layers of security including encryption at rest and in transit (AES-256 and TLS 1.3), strict access controls, comprehensive audit logging, network isolation, and continuous security monitoring. Our infrastructure is hosted on enterprise-grade cloud providers with SOC 2 certification.
Your data is hosted in secure, SOC 2 certified data centers located in the United States. All processing occurs within the US.
Sandstone implements role-based access control (RBAC), allowing you to define granular permissions for your team. We support SAML SSO integration and session management. All access is logged and auditable to ensure complete visibility into who accessed what and when.
We have strict contractual and technical controls in place to ensure your data is never used for AI model training. Your data is isolated and used solely to provide the service to you. We don't share, sell, or use customer data for any purpose beyond delivering our contracted services.
Yes, with your explicit consent, you can choose to enable features that learn from your organizational patterns to improve suggestions and workflows specifically for your team. This is always opt-in, controlled by you, and the learned patterns remain exclusive to your organization.
We conduct continuous automated security scanning, quarterly internal security assessments, and annual third-party penetration testing by leading security firms. We also maintain a responsible disclosure program and promptly address any identified vulnerabilities.
Have more questions about our security practices?
Contact Security Team

