Our Frameworks
Choose a framework to submit an access request for your firm.
Data Protection & Security Whitepaper
Click below to initiate a download of Benchly’s Data Protection & Security Whitepaper. No NDA required.
DPS Whitepaper
SOC 2 Type II validates that Benchly’s security controls operate effectively over time to protect customer data.
Legal
Select the policy below to view details and access its dedicated page.
High-Level FAQs
Answers to common questions about what data Benchly accesses, where it is stored, and how it is protected.
Does Benchly access or store any of my document content/data?
No. The Benchly Add-In only interacts with published legal citations within a document and does not access, store, or transmit any other content. This targeted approach ensures that your confidential or privileged information remains untouched and fully secure on your local machine.
What user data is collected and how is it stored?
Benchly collects only minimal user information: company name, first name, last name, and company email address, solely for license allocation. This data is securely stored in Microsoft Azure’s cloud infrastructure, which uses AES-256 encryption at rest, TLS 1.3 in transit, and secure key management through Azure Key Vault.
Is Benchly’s MS Word Add-In (ezBriefs) compliant with Microsoft security standards?
Yes. Benchly’s Add-In strictly adheres to Microsoft’s security and compliance requirements for COM add-ins, operating in a sandboxed environment with process isolation and limited system access. This ensures that all data processing remains localized and aligned with Microsoft’s privacy and performance standards.
Does Benchly’s MS Word Add-In (ezBriefs) require an internet connection to work?
Yes. Benchly’s Add-In strictly adheres to Microsoft’s security and compliance requirements for COM add-ins, operating in a sandboxed environment with process isolation and limited system access. This ensures that all data processing remains localized and aligned with Microsoft’s privacy and performance standards.
Can the Add-In be used safely in government and regulated environments?
Yes. Benchly’s Add-In is designed to meet rigorous data protection standards, including SOC 2 Type II and the upcoming TX-RAMP Level 2 certification. These safeguards ensure compliance with strict privacy, confidentiality, and availability requirements for legal and government use.
Don’t see the framework you’re looking for?
Let us know your firm’s requirements by contacting us directly. We’re happy to discuss your compliance needs and explore options to support your request.