ClauseBase uses a dedicated (non-cloud) production Linux server, hosted by the German hosting company Hetzner, with whom a formal GDPR data processing agreement is concluded. The server is physically located in the Helsinki data center.
This data center runs 100% on wind and hydropower, has ISO certification (audit report available on request), is guarded by on-site security guards, biometric readers, connected with redundant fibre, and has redundant configurations for all critical systems. The server can only be accessed by ClauseBase administrators, through an encrypted VPN connection secured with a strong password.
Additionally, we use cloud servers from Finnish hosting provider Upcloud (Madrid and Frankfurt), physically located in data centres operated by InterXion, for SSO connectivity and encrypted storage of hourly database backups.
Both data centers run 100% on renewable energy, have several ISO security certifications (ISO 27001 and ISO 22301), and have state-of-the-art security and redundancy.
The entire database cluster is backed up on a daily basis, encrypted with offsite keys, and then sent to two different data centers (Frankfurt and Falkenstein, both in Germany), operated by different hosting providers.
In addition, the databases used by ClauseBase are backed up on an hourly basis. To allow for exceptional access to historical versions, most changes to clauses and templates are stored in a version-log that retains data for up to one month.
The uptime of all our public servers isavailable at status.clausebase.com. Private instances for specific clients receive their own status page.
ClauseBase primarily stores clauses and template, which only exceptionally contain confidential data.
ClauseBuddy and Clause9 do not provide facilities to manage existing contracts, as typical contract management solutions offer.
The platform performs strikes a logging balance between security requirements (where maximal logging is generally recommended) and personal data protection (where the minimally feasible amount of logging is preferred).
All data exchanged between the browser and the server is encrypted, strongly compressed, and protected against Cross-Site Request Forgery (CSRF) attacks.
A secured WebSockets connection (wss://…) to the server is persistently maintained by each user’s browser, to allow for real-time interactions; if a user's firewall blocks Websockets, then AJAX polling is used as a fallback.
Any time the connection is interrupted, the browser will store the current working session in its memory, and then block the user from continuing, so as to prevent data loss.
Login cookies can be centrally invalidated on a per-user basis, so as to force a new login if user devices or passwords would be compromised.
We have installed a SIEM & XDR solution for log analysis and intrusion, threat & vulnerability detection, with agents running on our dedicated server and all our laptops. We closely monitor the MITRE ATT&CK knowledge base.
The Enterprise version of the ClauseBase platform can optionally be installed on-premise, for customers that require exceptional levels of confidentiality.
Conversely, for the "Clause Hunt" feature in ClauseBuddy, we strongly recommend all customers to use their own private server to host their thousands of historical documents. We offer secure, built-in "lockers" to allow customers to experiment with this feature, but strongly recommend to never upload sensitive information in these lockers.
User passwords must have a minimum of 8 characters, are checked for minimum complexity using Zxcvbn (rejecting common passwords, patterns, …) and are stored in the database with a salted hash (BCrypt combined with SHA-512) against rainbow table attacks. API-keys consist of 36 characters are generated on a per-user basis (password-based key derivation function 2 with Blake2b-512).
Logins are optionally, on a per-user basis, secured by two-factor authentication (2FA), using industry-standard one- time password generator apps, such as Authy, Microsoft Authenticator or Google Authenticator. After 10 failed login attempts, the user will be automatically blocked for an increasing number of minutes, to stall brute-force attacks. It is also possible to connect through SSO (e.g., Azure and Okta).
ClauseBase allows customers with Office & Enterprise subscriptions to allow users to login through Single Sign-On (SSO). We currently support Microsoft Azure, Okta, OneLogin, Salesforce and Google SAML.
Granular access rights can be imposed on all clauses and documents, to reflect your working practices.
This allows you to, for example, give all lawyers access to all content, across all departments. Or perhaps you want to segment access per department? Maybe grant access to lawyers in cross-departmental industry groups?
ClauseBase BV is a Belgian legal entity, subject to the strict requirements of the EU General Data Protection Regulation. A privacy statement is separately available; a list of relevant subcontractors is also available.
Both founders of the company are former lawyers specialised in EU data protection. It goes without saying that the entire product was built from the ground up to comply with the GDPR.
ClauseBase goes beyond what the GDPR requires.
We not only avoid storing personal data outside the EU, but also actively avoid service providers established outside the EU, with the exception of Microsoft (for our internal O365 accounts) and Apple (for our laptops and smartphones).
Any folder can be set to automatically delete its sensitive contents after a customisable period of time.
Generated .DOCX and .PDF files are very short-lived on our servers (between 60 and 120 seconds — essentially the time required to safely download these documents).
We provide you with the possibility to generate DOCX and PDF files completely within the end-user’s browser, so data protection legislation won’t even apply.
Users can optionally store their answers in an encrypted format (ChaCha cipher).
Backups are encrypted and stored on servers in a different data center.