LawSafe Systems, LLC
LawSafe is owned and operated by LawSafe Systems, LLC, a Michigan limited liability company, and it may be referred to in this Security Policy for ease of reading as “LawSafe,” or “us,” “we,” or “our.” Whether you are an owner storing his or her private Documents and Information, a member of any owner’s Circle of Trust, or a Professional that assists such users, you may for ease of reading be referred to as a “user” and sometimes “you” or “your.” Your documents, financial or personal information, data, files, records, and images stored in your LawSafe shall be known here as your “Documents and Information.”
Security as a Prime Concern
We know storing your Documents and Information online raises concerns about data breaches and security. So, we have implemented security measures to protect your Documents and Information from hackers and cyber-attacks.
What You Can Do
The security of your online data depends in part on you. With LawSafe it also depends upon your Circle of Trust. Be sure to choose the members of your Circle of Trust wisely and be careful about the access and permission you give them. Seeking the advice of an attorney or other qualified professional is advisable.
Elect to use Two Factor Authentication. 2FA may be the best way to increase the security afforded your LawSafe.
Do not share your passwords with anyone and do not enter them in your LawSafe. Do not enter your complete financial account numbers, social security numbers, driver’s license nor passport number, nor your date of birth (“Critical Information”). We use one of the largest PCI compliant credit card processors in the United States and do not directly receive nor do we ever store your credit card information.
While all your Critical Information will be needed in an emergency and after you pass away, you should consider maintaining it physically on paper or in a safe place. We prompt you throughout LawSafe to specify where items like your password list, marriage certificate and social security card might be found. Physically maintaining those items in a safe place is important.
Data Secured at Rest and in Transit
As recommended by the United States Department of Commerce, National Institute of Standards and Technology Special Publication 800-132, all your data is stored using Advanced Encryption Standard (AES) 256 which uses uniquely derived keys for each user. We encrypt all the data fields and documents in the database. For searching and indexing, we hash a small number of fields using HMAC (hash-based message authentication code). We apply the same encryption technique to all documents that you upload.
All communications between you, members of your Circle of Trust, and/or LawSafe itself, are encrypted via Secure Sockets Layer (SSL) and 2048-bit certificates and we require SSL on all communications. We support perfect forward secrecy so that even if someone eavesdrops on your communication, they will still not be able to decrypt the data in the event that the LawSafe key is compromised.
From time to time we audit the LawSafe environment and code for security issues and apply patches where applicable. We use commercial services that regularly check our site (including McAfee Secure) and we retain independent security experts to probe and verify the security of LawSafe.
Administrative Access to your Information
Two Factor Authentication
If you enable Two Factor Authentication (2FA) for your LawSafe Account, whenever you or members of your Circle of Trust sign into your LawSafe we will send a unique code to the user’s mobile phone or designated email address that will be required before you gain access. This extra layer of security ensures that even if your passcode is compromised no one can access your LawSafe. We strongly recommend electing to use 2FA. If you do, it will apply to you and members of your Circle of Trust.
Effective Date: October 26, 2019
Last Updated: April 14, 2021