The Vesence Platform

Vesence works in Word, Outlook, and as a Web app. It's intelligence like you have never experienced before in Microsoft Office.

Book a Demo

Appendix 4 - Security Requirements

Appendix 1 - General Terms and Conditions

Appendix 2 - Service Description

Appendix 3 - Data Processing Agreement

Vesence AB — Service AgreementAppendix 4

Security requirements

1Data Protection Commitment

Vesence agrees to uphold the highest standards of data security to ensure the confidentiality, integrity, and availability of data shared or processed under the Agreement. Vesence will implement appropriate technical and organizational measures to safeguard data, as further detailed below.

2Security Measures

2.1To protect shared data, Vesence commits to the following security measures:

Authentication & Authorization: Utilizing enterprise-grade identity management solutions, including Microsoft Entra ID integration, token-based authentication, and Role-Based Access Control (RBAC), to ensure secure access to systems.
Data Encryption: Encrypting all data in transit using TLS 1.3 and at rest using AES-256 encryption within a secure Azure private environment. Vesence will also follow Zero Trust principles to verify and secure any requests for data access.
Infrastructure Security: Hosting on Microsoft Azure leveraging its built-in compliance, real-time monitoring, and secure framework. Vesence will be SOC 2 Type II certified by Q2 2025.
Data Retention and Opt-In-Storage: Vesence has turned off Content Filtering and Abuse Monitoring from Microsoft Azure as default. If Customer chooses to create agents in the Web App, Customer has opted in to storage of such data which is always customer controlled and stored on Azure.
EU Processing: All data processing undertaken by Vesence on behalf of Customer takes place in the European Union.

3Compliance with Laws and Standards

Vesence affirms its adherence to applicable privacy and data protection laws, including GDPR. Furthermore, Vesence will implement industry-recognized controls and ensure that all Customer Data processed by Vesence on behalf of Customer is processed and stored exclusively in the Azure European Central region to comply with international and local data sovereignty laws. Vesence has obtained and maintains a SOC 2 Type II certification.

4Continuous Improvement

Vesence will conduct regular vulnerability assessments to proactively address potential threats. Processes and systems will be updated as necessary to adapt to evolving threats and industry standards.

5Collaboration with Customer

Vesence commits to working collaboratively with the Customer to address any specific security concerns or compliance requirements raised by the Customer. Such collaboration may include providing additional details about Vesence's security architecture, data handling policies, and incident response framework.

Service Agreement — Appendix 4Page 1 of 2

Appendix 1 - General Terms and Conditions.docx

Word

Appendix 2 - Service Description.docx

Word

Appendix 3 - Data Processing Agreement.docx

Word

Appendix 4 - Security Requirements.docx

Word

Update all client-facing appendices to confirm SOC 2 Type II compliance and cross-reference Appendix 4

How can I help?

The Platform

Vesence Web App

Create, organize, edit, and review many files at once. A web app built to handle your entire matter from one place.

Learn More

Vesence in Word

Draft, review, and check documents directly in Microsoft Word. Purpose-built to your firm's styles and formatting.

Learn More

Vesence in Outlook

Set firm-wide House Style rules and let Vesence review, draft, and check every email before it leaves the firm.

Learn More

Traceable AI

Always know where the AI grabbed its data from. Every statement is backed by citations you can click to jump to the exact source.

The SPA sets out three permitted methods of delivering notices under Clause 11. Notices sent by email are only valid if the other party confirms receipt, which shall not be unreasonably withheld. Registered mail is deemed received on the third business day after posting.Hand delivery or reputable international courier is effective on the date of receipt, provided it arrives before 5 pm CET on a Business Day. Note that the notice clause does not include any provision for deemed service by email alone, confirmation of receipt is always required.

Flawless Legal Work,
Every Time.

Book a demo to hear more about Vesence.

Book a Demo

The Vesence Platform

The Platform

Vesence Web App

Vesence in Word

Vesence in Outlook

Traceable AI

Flawless Legal Work,Every Time.

Flawless Legal Work,
Every Time.