Gallo Guided Summaries

Security and privacy

Industry-recognized technologies and security frameworks

We have made it our top priority to safeguard your data with robust security measures.

Built on trust

Our unwavering commitment to data privacy and security stands at the forefront of our operations. We’ve designed Gallo Guided Summaries to ensure the utmost confidentiality and protection of legal data, reinforcing the trust legal professionals place in us.
Our Trust Center demonstrates our real-time compliance with security controls. You can also request access to our SIG Lite 2024 and CAIQ questionnaires, pen test summary, and security credentials.
 

Security credentials

We use industry standards and verification by independent auditors, and take a comprehensive approach to securing our products and solutions. We are currently undergoing the testing period for SOC 2 Type II and HIPAA certification. You can view our compliance with specific controls within our Trust Center.

Third-party penetration testing

Gallo Guided Summaries works with reputable third-party firms to conduct annual external penetration tests on our web application. All findings are addressed in accordance with our formally documented Vulnerability Management policy. We can provide a letter of attestation from the external firm for its most recent pen test upon request.
 

Data encryption and infrastructure

Product security

Organizational security

Testing and auditing

Personal expertise

Frequently asked questions

Does Gallo Guided Summaries receive customer data, and who does it come from?

Gallo Guided Summaries receives data from customers when they sign up for their account. We receive data via the legal transcripts that you upload to generate a legal summary.

We treat your data and your clients’ data as confidential and highly sensitive and take extensive precautions to keep it safe.

Where is the data stored?

Data is stored in the US within our AWS environment.

 
Who has access to the data?

Gallo Guided Summaries operates on the principle of least privilege (PoLP) and limits employee access to the minimum level of permissions needed to complete their job.

All Gallo Guided Summaries employees receive background checks and complete annual security training.

Do you have a Business Continuity / Disaster Recovery Plan?

Yes, as part of our preparation for HIPAA compliance we established a Business Continuity / Disaster Recovery Plan.

We are a remote-first company. All personnel are equipped and trained to work securely and remotely with no interruption in their ability to provide services.

Do you handle any payment processing?

Gallo Guided Summaries does not handle payment processing. We use Stripe for all payment card information storage and transactions.