Security Policy

At EstateMin, protecting sensitive client and matter information is at the core of what we do. We design our systems and processes to meet high standards of security, reliability, and compliance.

Business Continuity & Resilience

  • EstateMin is hosted on resilient cloud infrastructure with redundancy and automated backups.
  • Daily encrypted database backups are retained for 30 days.
  • Our recovery objectives are designed to ensure rapid restoration of services in the event of an outage.

Incident Response

  • We maintain a documented incident response plan to identify, contain, and resolve security or service incidents.
  • Our systems are monitored in real time, with automated alerts to our engineering and security teams.
  • In the unlikely event of a security breach impacting client data, affected customers will be notified promptly, typically within 24 hours.

Vulnerability Management

  • We continuously monitor for security advisories and apply updates promptly.
  • High-severity issues are remediated as quickly as possible (generally within 72 hours).
  • Medium- and low-severity issues are addressed within established maintenance cycles.

Data Protection

  • All data is encrypted in transit and at rest.
  • Access to client data is strictly controlled and logged.
  • EstateMin follows industry best practices to guard against common threats such as SQL injection, cross-site scripting, and unauthorized access.

Compliance

  • EstateMin adheres to data protection laws including GDPR and CCPA.
  • We support data subject rights, including the ability to access and request deletion of data.
  • Our policies are reviewed and tested annually to ensure they remain effective and aligned with best practices.

Contact

If you discover a potential security vulnerability or have a compliance question, please contact us at security@estatemin.com.