For the Most Sensitive Matters

Harvey keeps your client data safe with world-class security and data privacy measures.

Enterprise-Grade Protection

Dedicated Security Expertise

Harvey’s in-house security team spans infrastructure, product, and operations. We implement robust security protections across the stack, with 24/7 coverage and end-to-end monitoring.

Data Sovereignty and Control

With Harvey, you retain full control over your data. Decide which data to upload, set retention policies, delete data anytime, and keep everything in-region—EU or Switzerland, US, or Australia.

No Model Training

Harvey contractually guarantees through our Platform Agreement that your data stays yours. We don’t use inputs, outputs, or uploaded documents to train underlying models.

Enterprise-grade Features

Harvey includes default controls that enterprise teams expect: SAML SSO, audit logs, IP allow-listing, data lifecycle management, and more.

Enforceable Commitments

Harvey’s Security Addendum includes binding terms on data protection, data access, incident response SLAs, and other controls aligned with SOC 2, ISO, GDPR and other standards. Our commitments are auditable, enforceable, and built to exceed standard vendor terms.

Independently Tested

Harvey partners with top-tier security firms, including Schellman, NCC Group and Bishop Fox, to perform in-depth audits. This offers external validation that Harvey meets the highest standards of resilience.

Enterprise-grade security and controls

Harvey is built on a non-negotiable principle: protecting the security and confidentiality of our customers' data. We've designed our platform from the ground up to safeguard the most sensitive information.

Explore Security Portal

SOC 2 Type II

CCPA

ISO 27001

GDPR

Security is Fundamental to Everything We Do

We’ve built a comprehensive system that protects data at every level—from robust user authentication to vigilant network monitoring. Our approach combines cutting-edge technology with rigorous protocols, ensuring that information remains secure in an ever-changing digital landscape. We constantly test and improve our defenses, staying ahead of potential threats to maintain the trust our clients place in us.

Explore Security Portal

Secured by a World-Class Team

Security by Design: How Harvey Engineered Trust from Day One

May 29, 2025•Blog

How Harvey’s Building a Culture of Privacy

August 19, 2025•Blog

Platform Walkthrough Video

A New Era of Collaboration for Legal and Professional Services

Harvey Academy

2025 Year in Review

For the Most Sensitive Matters

Enterprise-Grade Protection

Dedicated Security Expertise

Data Sovereignty and Control

No Model Training

Enterprise-grade Features

Enforceable Commitments

Independently Tested

Enterprise-grade security and controls

Security is Fundamental to Everything We Do

Secured by a World-Class Team

Security by Design: How Harvey Engineered Trust from Day One

How Harvey’s Building a Culture of Privacy

Platform Walkthrough Video

A New Era of Collaboration for Legal and Professional Services

Harvey Academy

2025 Year in Review

For the Most Sensitive Matters

Enterprise-Grade Protection

Dedicated Security Expertise

Data Sovereignty and Control

No Model Training

Enterprise-grade Features

Enforceable Commitments

Independently Tested

Enterprise-grade security and controls

Security is Fundamental to Everything We Do

How does Harvey define customer data?

How does Harvey keep my data private and secure?

Where is my data hosted and processed?

How do you respect access controls for client data?

How does Harvey ensure no one is training on my data?

Can my firm use our client data for model training?

How often do you perform security audits and vulnerability assessments?

Secured by a World-Class Team

Security by Design: How Harvey Engineered Trust from Day One

How Harvey’s Building a Culture of Privacy

Security is Fundamental to Everything We Do