Security at MatterIn

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. This applies to every enquiry record, client detail, and communication stored within the platform. Your firm's data is unreadable to anyone without proper authorisation.

Role-based access controls ensure users only see what they need. Administrators can define permissions at firm, department, and individual levels. Multi-factor authentication (MFA) is enforced for all accounts to prevent unauthorised access.

MatterIn runs on a secure, UK-based cloud infrastructure with ISO 27001 certified data centres. Our systems are continuously monitored for threats, with automated intrusion detection and real-time alerting to our security operations team.

Every action within MatterIn is logged. Firms can review who accessed what data and when, providing a complete audit trail. This supports both internal governance and regulatory requirements, including SRA accounts rules compliance.

MatterIn is designed to help firms meet their obligations under the UK GDPR, Data Protection Act 2018, and SRA Standards and Regulations. We maintain a data protection impact assessment and publish regular compliance reports.

We maintain a documented incident response plan with defined escalation procedures. In the unlikely event of a security incident, affected firms are notified within 72 hours in accordance with GDPR requirements. Regular penetration testing is conducted by independent third parties.