Security and Privacy

Your security is our priority. We use industry best practices and technologies to protect your personal data and transactions.

Security Standards

We work with world-class providers and apply bank-grade encryption standards

SSL/HTTPS Encryption

Provider: Vercel

All communications are encrypted with SSL/TLS protocol. Your information travels securely between your browser and our servers.

PCI DSS Level 1

Provider: Stripe

Payments are processed by Stripe, certified PCI DSS Level 1, the highest security standard for card payments.

NOM-151 SCFI

Provider: Mifiel

Electronic signatures are made through Mifiel, complying with NOM-151 which guarantees legal validity in Mexico.

AES-256-GCM Encryption

All Vault documents are encrypted with AES-256-GCM, the standard used by banks and governments. Keys are derived with PBKDF2 (100,000 iterations).

LFPDPPP 2025

We comply with Mexico's Federal Law for the Protection of Personal Data. We respect your ARCO rights.

Trusted Providers

We partner with industry leaders to bring you the best service

Vercel

Hosting platform with global CDN, automatic SSL certificates, and included DDoS protection.

Stripe

World-leading payment processor with PCI DSS Level 1 certification and advanced fraud prevention.

Mifiel

Mexican electronic signature platform certified under NOM-151 with legal validity.

Supabase

PostgreSQL database with SOC 2 Type II certification, encryption at rest, and automatic backups.

Data Protection

How we handle your personal information

Minimal Collection

We only collect information strictly necessary to provide our services.

Data Encryption

All your sensitive information is encrypted both in transit (SSL/TLS) and at rest (AES-256).

Access Control

We implement strict access controls. Only authorized personnel can access sensitive data.

Limited Retention

We delete personal data when it is no longer needed for the original purpose.

Seguridad de la Bóveda

Tu bóveda de documentos usa las mismas tecnologías que protegen a bancos y gobiernos

Encriptación

AES-256-GCM — El mismo estándar que usan bancos centrales y agencias de defensa
PBKDF2 — 100,000 iteraciones para derivar tu llave, resistente a ataques de fuerza bruta
Nonce único — Cada documento tiene un vector de inicialización aleatorio de 12 bytes
SHA-256 — Verificación de integridad, detecta cualquier alteración

Control de Acceso

Tu llave, tu control — Solo tú tienes la llave para desencriptar tus documentos
Bloqueo automático — Se bloquea después de 5 intentos fallidos de acceso
Registro de actividad — Cada acceso queda registrado con fecha, IP y acción
Organización segura — Carpetas por tipo de documento con acceso granular

Your ARCO Rights

You have control over your personal information

Access

You can request information about what personal data we have about you.

Rectification

You have the right to correct inaccurate or incomplete personal data.

Cancellation

You can request the deletion of your personal data from our systems.

Opposition

You can oppose the processing of your data for certain specific purposes.

To exercise your ARCO rights, contact us at:

privacidad@legalstock.mx

Infraestructura protegida por

StripePCI DSS Level 1

Procesador de pagos con el nivel más alto de certificación de seguridad en la industria

VercelSSL/TLS Automático

Hosting con CDN global, certificados SSL automáticos y protección DDoS

MifielNOM-151

Firma electrónica con validez legal en México conforme a la NOM-151

SupabaseSOC 2 Type II

Base de datos PostgreSQL con cifrado en reposo y backups automáticos

Tecnología de seguridad implementada

AES-256-GCM

Encriptación de grado militar para la Bóveda

PBKDF2

100,000 iteraciones para derivar llaves

SHA-256

Verificación de integridad de documentos

TLS 1.3

Cifrado de datos en tránsito

Have questions?

We're here to help with any security concerns

Contact Support