Dedicated Security Expertise
Harvey’s in-house security team spans infrastructure, product, and operations. We implement robust security protections across the stack, with 24/7 coverage and end-to-end monitoring.
Security
For the Most
Sensitive Matters
Harvey keeps your client data safe with world-class security and data privacy measures.
Enterprise-Grade
Protection
Data Sovereignty and Control
With Harvey, you retain full control over your data. Decide which data to upload, set retention policies, delete data anytime, and keep everything in-region—EU, US, or Australia.
No Model Training
Harvey contractually guarantees through our Security Addendum that your data stays yours. We don’t use inputs, outputs, or uploaded documents to train underlying models.
Enterprise-grade Features
Harvey includes default controls that enterprise teams expect: SAML SSO, audit logs, IP allow-listing, data lifecycle management, and more.
Enforceable Contractual Commitments
Harvey’s Security Addendum includes binding terms on data protection, data access, incident response SLAs, and other controls aligned with SOC 2, ISO, GDPR and other standards. Our commitments are auditable, enforceable, and built to exceed standard vendor terms.
Independently Tested
Harvey partners with top-tier security firms, including Schellman, NCC Group and Bishop Fox, to perform in-depth audits. This offers external validation that Harvey meets the highest standards of resilience.
Security is Fundamental to Everything We Do
We’ve built a comprehensive system that protects data at every level-from robust user authentication to vigilant network monitoring. Our approach combines cutting-edge technology with rigorous protocols, ensuring that information remains secure in an ever-changing digital landscape. We constantly test and improve our defenses, staying ahead of potential threats to maintain the trust our clients place in us.
Explore Security PortalFrequently Asked Questions
Secured by a World-Class Team
