Security Assurance

Law-firm security controls for client and invoice data

DueForce is built for attorneys and law firms. This page summarizes the technical and operational measures we implemented to protect sensitive client and invoice information.

1) Data isolation (RLS) at the database layer

  • Supabase Row Level Security (RLS) is enabled for `invoices` and `clients`.
  • Supabase RLS is enabled for `user_firm_settings` (firm name, billing reply-to, branding, and related profile fields).
  • Supabase RLS is enabled for `reminder_logs` and `client_contact_preferences` (firm-controlled per-client contact settings, such as suppressing reminders when you enable "Do not contact" on the Clients page).
  • Supabase RLS is enabled for `email_tracking` (per-user read of delivery status rows associated with your account). Inserts and webhook-driven updates run only through secured server-side routes using elevated credentials, not from the browser.
  • DueForce uses a strict isolation model: each subscriber account maps to an authenticated user, and RLS policies scope data access to that user's rows.
  • Demand letter sends are logged to `demand_letter_logs`, also protected by RLS.
  • Pro and admin access checks exist both in the app UI and in protected backend routes.

2) Confidential client communications

  • On invoices and demand letters, you can enable a "Confidential client data" labeling toggle.
  • When enabled, reminder emails and demand letters include a clear "CONFIDENTIAL CLIENT COMMUNICATION" label/header so your team can treat communications appropriately.
  • Confidential labeling is a communications safeguard and workflow signal. It is not a substitute for your professional or contractual confidentiality obligations.

3) Auditability for professional recordkeeping

  • Reminder automation writes `reminder_logs` (scheduled time, status, and metadata).
  • Demand letter sends write `demand_letter_logs` (status, recipient email, and letter hash).
  • Email delivery records in `email_tracking` store message type, recipient, provider message identifier, and status timestamps (for example sent, delivered, opened, or bounced) when reported by the email infrastructure.
  • You can export reminder logs and view the activity history for your own cases.
  • Automated retention: a scheduled server job deletes `email_tracking` rows older than 24 months and `reminder_logs` / `demand_letter_logs` rows older than 7 years, consistent with our Privacy Policy.
  • Account closure: users may permanently delete their account from the Account page, which removes DueForce application data for that user (see Privacy Policy for processor-specific nuances).

4) Transport security and encryption

  • All traffic uses HTTPS/TLS.
  • Data is stored in Postgres via Supabase (encryption at rest).
  • Payment card details are handled by Stripe; DueForce does not store full card numbers.
  • Optional firm logos are stored in Supabase Storage (dedicated bucket); access is tied to your account for upload and retrieval consistent with app permissions.

5) Email delivery, webhooks, and firm copies

  • Outbound invoice reminders and demand letters are sent through transactional email infrastructure (e.g., Resend). Message content and headers are transmitted to that provider only as needed to deliver mail.
  • Inbound delivery webhooks are accepted only after signature verification (industry-standard signing, e.g. Svix-style headers and a secret configured on our servers), reducing the risk of forged status updates.
  • The Service applies a BCC to your configured billing reply-to address on automated reminders and demand letters when that address differs from the primary recipient, so your firm receives a copy for records.
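
For readers evaluating the webhook control above, here is an added sketch of Svix-style signature verification; it is not DueForce's code. It assumes the publicly documented Svix scheme (`svix-id`, `svix-timestamp` and `svix-signature` headers, HMAC-SHA256 over `id.timestamp.body`) and a five-minute replay window; the secret, payload and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import time

TOLERANCE_SECONDS = 300  # assumed replay window


def decode_secret(secret):
    # Svix-style secrets are base64, usually carrying a "whsec_" prefix.
    raw = secret[6:] if secret.startswith("whsec_") else secret
    return base64.b64decode(raw)


def sign(secret, msg_id, timestamp, body):
    """Base64 HMAC-SHA256 over <id>.<timestamp>.<raw body>."""
    signed = msg_id.encode() + b"." + timestamp.encode() + b"." + body
    mac = hmac.new(decode_secret(secret), signed, hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()


def verify_webhook(secret, headers, body, now=None):
    """Accept a delivery only if it carries a fresh, valid v1 signature."""
    h = {k.lower(): v for k, v in headers.items()}
    msg_id, ts, sigs = h.get("svix-id"), h.get("svix-timestamp"), h.get("svix-signature")
    if not (msg_id and ts and sigs):
        return False
    try:
        sent_at = int(ts)
    except ValueError:
        return False
    now = time.time() if now is None else now
    if abs(now - sent_at) > TOLERANCE_SECONDS:
        return False  # stale or future-dated: possible replay
    expected = sign(secret, msg_id, ts, body).encode()
    # Header is a space-separated list of "version,signature" (key rotation).
    for entry in sigs.split():
        version, _, candidate = entry.partition(",")
        if version == "v1" and hmac.compare_digest(candidate.encode(), expected):
            return True
    return False


# Constructed sample data, not real DueForce or provider values.
SECRET = "whsec_" + base64.b64encode(b"constructed-test-key-0123456789").decode()
BODY = b'{"type":"email.delivered","data":{"email_id":"constructed-id"}}'
HEADERS = {"svix-id": "msg_constructed1", "svix-timestamp": "1700000000",
           "svix-signature": "v1," + sign(SECRET, "msg_constructed1", "1700000000", BODY)}
print(verify_webhook(SECRET, HEADERS, BODY, now=1700000060))
```

The check must run over the raw request bytes before any JSON parsing, since re-serializing the payload changes the signed content.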

This page is provided for informational purposes and does not constitute legal advice. No system can guarantee absolute security. If you have specific confidentiality or compliance requirements for your firm, email us at admin@dueforce.ai.