Enterprise Security
by Design
Norric enforces rigorous security standards across encryption and access management to protect data privacy and compliance.
ISO 42001
ISO 42001 certified, our AI governance framework gives customers confidence in how we build and run AI.
ISO 27001
Legora is fully certified with ISO 27001, the internationally recognized standard for information security management.
SOC2 Type 2
We meet SOC 2 requirements to ensure secure and compliant management of data across all our systems.
GDPR
With our technical team based in Sweden, we operate under GDPR — the world's strictest standard for data privacy.
Institutional-grade Security
Your data stays yours
Customer data is never used to train, fine-tune, or improve any foundation or proprietary AI models. All data remains confidential and isolated to your environment.
Controlled access by design
We operate under zero-trust principles. No user or system is inherently trusted, and any access to customer data is strictly limited, logged, and requires explicit customer approval.
Legal-grade security standards
Our platform is built to meet the security, compliance, and governance expectations of institutional investors, financial firms, and regulated entities.
Trusted infrastructure
The system is designed to securely store and process sensitive financial information at scale, with protections aligned to high-risk data environments.
Full ownership and flexibility
Norric supports all major Single Sign-On (SSO) protocols, giving you full control over user access. Our enterprise security controls allow you to define where data is stored, how long it is retained, how encryption keys are managed, and how AI systems may process your data. Customer data is isolated, auditable, and never used to train or fine-tune AI models.
Maintain Complete Control
Full data ownership
and control remain with you.
Data retention
Set and manage data retention periods to align with your internal policies and regulator.
Data governance
Legora's Data Governance tools give you real-time insight into who's accessing your data and when.
Encryption management
Manage your own encryption keys with our BYOK option to keep sensitive data protected at all times.
User authentication
SSO integration gives you complete control over user authentication and access management.