Security & Compliance

Your client data is privileged. Here's exactly how we protect it.

Encryption

All data is encrypted in transit using TLS 1.2+ (HTTPS only) and at rest using AES-256 on our database and storage layer. Authentication tokens are stored in cookies set with the HttpOnly and Secure attributes.

Per-user data isolation

Every table in our database enforces row-level security — a user can only ever read or write rows tied to their own account. This is enforced at the database layer, not in application code, so a bug in the app cannot leak data between users.
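
How owner-scoped row-level security is expressed in PostgreSQL, as an added example rather than Law Time Stamp's actual schema or policies. The table time_entries, the role app_user, the setting app.user_id and the UUIDs are assumptions constructed for illustration.

```sql
-- Constructed schema: time_entries, app_user and app.user_id are assumptions.
CREATE TABLE time_entries (
    id         bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    owner_id   uuid        NOT NULL,
    started_at timestamptz NOT NULL,
    minutes    integer     NOT NULL CHECK (minutes > 0),
    note       text
);

-- ENABLE turns policies on; FORCE applies them to the table owner as well,
-- who would otherwise be exempt.
ALTER TABLE time_entries ENABLE ROW LEVEL SECURITY;
ALTER TABLE time_entries FORCE ROW LEVEL SECURITY;

-- USING filters which existing rows a statement can read, update or delete.
-- WITH CHECK rejects inserted or updated rows that name a different owner.
-- current_setting(..., true) yields NULL if the setting was never set,
-- so a request with no bound user matches no rows (fails closed).
CREATE POLICY time_entries_owner ON time_entries
    FOR ALL
    USING      (owner_id = current_setting('app.user_id', true)::uuid)
    WITH CHECK (owner_id = current_setting('app.user_id', true)::uuid);

-- The application role must not be a superuser or hold BYPASSRLS.
CREATE ROLE app_user NOLOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON time_entries TO app_user;

BEGIN;
SET LOCAL ROLE app_user;

-- Bind user A for this transaction only (third argument true = local).
SELECT set_config('app.user_id', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO time_entries (owner_id, started_at, minutes, note)
VALUES ('11111111-1111-1111-1111-111111111111', now(), 30, 'user A entry');

-- Rebind as user B: the policy hides user A's row from this query.
SELECT set_config('app.user_id', '22222222-2222-2222-2222-222222222222', true);
SELECT id, owner_id, minutes FROM time_entries;

-- User B writing a row that claims user A as owner violates WITH CHECK
-- and the statement is rejected.
INSERT INTO time_entries (owner_id, started_at, minutes, note)
VALUES ('11111111-1111-1111-1111-111111111111', now(), 15, 'spoofed owner');
ROLLBACK;
```

Superusers and roles with the BYPASSRLS attribute skip policies entirely, so this isolation holds only while the application connects as a role without either.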

Hosting & data residency

Application code runs on Cloudflare's global edge network. Database and authentication run on a managed PostgreSQL instance with automated daily backups, point-in-time recovery, and a 99.9% uptime SLA.

Australian Privacy Principles (APP)

Law Time Stamp is designed to align with the Australian Privacy Principles under the Privacy Act 1988. We collect only the data required to operate the service (your email and the time records you choose to enter), never sell or share your data with third parties, and provide full export and deletion on request.

Authentication

Sign-in uses email + password with mandatory email verification, or Google OAuth. Passwords are hashed using industry-standard algorithms. We never see or store your password in plaintext.

Compliance roadmap

We are actively working toward formal certifications including SOC 2 Type II and ISO 27001 as part of our move out of beta. If you require specific compliance documentation for your firm, contact us.