Hanzo Security

Trusted Approach

Hanzo’s enterprise ediscovery and compliance solutions are developed with industry best practices, legal-defensibility and security in mind. Companies trust and adopt our software into their enterprise ecosystems because Hanzo demonstrates its commitment to security across three critical security domains: company, application, and hosting provider.

Secure Architecture

From the application development process, to data retention, to encryption, authentication and authorization, Hanzo’s applications are designed to be secure. All customer information is encrypted when transmitted to and from Hanzo’s applications and a customer’s web browser via HTTPS (data-in-transit). All customer information retained on Hanzo’s storage systems is encrypted using unique 256-bit encryption keys with strict access control (data-at-rest).

Access Controls & Authentication

Hanzo encourages all customers to use single sign-on (SSO) to ensure a secure authentication and user identification process. SSO allows your existing account provisioning and de-provisioning, and robust password controls.

Data Retention

Hanzo Dynamic Capture retains customer data per the instructions of our customers, with no automatic disposition or destruction of data. Customers can direct us to return and/or dispose of their data pursuant to their instructions. Hanzo Hold retains data as long as it is subject to a legal hold or compliance obligation. Once the hold or compliance obligation is removed, data that is no longer subject to a hold will be deleted automatically and an audit record will remain to document the process.

Privacy Compliance

Hanzo respects the privacy and confidentiality of all customer data, and strictly adheres to GDPR practices and protocols. We comply with the EU Global Data Protection Regulation, as well as US domestic privacy regulations such as the California Consumer Privacy Act (CCPA) of 2018. For more specifics, visit the Hanzo privacy policy.