Security Policy
Last updated: July 17, 2026
MatterGuardian is built for law firms, and we treat the confidentiality of firm data as a design requirement, not an afterthought. This page describes the technical and organizational measures Wormhole Solutions LLC (“we,” “us”) uses to protect the data in your MatterGuardian account. It supplements our Privacy Policy and Terms of Service.
Infrastructure and Hosting
MatterGuardian runs on established cloud infrastructure hosted in the United States. All traffic between your browser and MatterGuardian is encrypted in transit with TLS (HTTPS is enforced; plain HTTP is not served). Data is encrypted at rest by our database provider.
Tenant Isolation
MatterGuardian is a multi-tenant service, and firm separation is enforced at two layers: every query in the application is scoped to your firm’s account, and row-level security policies at the database layer independently restrict each connection to a single firm’s rows. One firm’s data is never visible to another.
Application Security
- Passwords are never stored in plain text — they are hashed with bcrypt (work factor 12).
- Integration credentials (OAuth tokens) are additionally encrypted at the application layer with AES-256-GCM before storage; encryption keys live in environment configuration, never in source code.
- Access within a firm is role-based (Owner, Attorney, Staff), with owner-only controls for billing, integrations, and destructive actions.
- Database access goes through a query builder with parameterized queries, protecting against SQL injection; output encoding in the UI framework protects against cross-site scripting.
- Secrets and API keys are stored as environment variables in our hosting platform and are never committed to repositories.
Integration Security (Clio and Others)
Integrations connect via OAuth 2.0 — we never see or store your Clio (or other provider) password. Access is one-way and read-only in effect: matter, task, and calendar data is imported into your account; nothing in your provider account is modified. We request and store only the fields needed to operate the service. When you disconnect an integration, we revoke our access with the provider and delete our copy of the tokens immediately; syncing stops at that moment, and the data already imported remains yours inside MatterGuardian.
Data Handling
We practice data minimization: MatterGuardian stores matter names, workflow progress, deadlines, and the account details described in our Privacy Policy — it does not store legal documents, privileged communications, or financial account information. Your data is not sold, not shared for marketing, and not used to train artificial intelligence models. After cancellation, data is retained for thirty (30) days for reactivation or export, then permanently deleted.
Subprocessors
We use a small set of infrastructure providers to operate MatterGuardian. Each processes data only as needed to deliver the service and is bound by confidentiality obligations:
- Vercel — application hosting (United States)
- Supabase — database hosting (United States)
- Stripe — payment processing; card details are entered directly with Stripe and never touch our servers
- Resend — transactional email delivery (digests, notifications, password resets)
Incident Response
If we confirm a security incident affecting your firm’s data, we aim to notify affected firms without undue delay — our target is within 72 hours of confirmation — with what is known about the scope, the data involved, and the remediation underway, followed by updates until resolution.
Vulnerability Management
We welcome reports from security researchers and remediate confirmed vulnerabilities against published target timelines (critical and high severity as soon as possible, targeting seven days). See our Vulnerability Disclosure Policy for scope, rules of engagement, and how to report.
Contact
Security questions or concerns: dev@matterguardian.com. General support: hello@matterguardian.com.