We use industry-standard protections for confidential data so your information is secure.
We know that cloud storage requires extra effort to protect your data. Lucidscale has processes in place to keep your data secure and accessible to the right people. We use best practices for security for all three cloud providers that integrate with Lucidscale—AWS, Azure, and GCP.
Lucidscale claims no ownership over any document data. You retain all intellectual property and other rights to your documents and the information they contain. We respect your privacy and will never make your documents publicly available without your permission.
To ensure the privacy of your information, all data is transferred between user devices and Lucidscale servers using up to 256-bit encrypted connection via TLS 1.2 and a world-class certificate provider. Lucidscale also employs encryption at rest (AES-256) to protect the secrecy of all data persisted by the application. The cryptographic keys used to secure Lucidscale are protected by Amazon’s Key Management Services.
Lucidscale complies with applicable local and international requirements and maintains compliance certifications including:
Lucid has obtained the SOC 2 Type I and SOC 2 Type II certifications, both of which represent an external verification of Lucidscale's internal processes and controls. Lucidscale is also EU-US Privacy Shield certified and committed to CCPA and GDPR compliance.
Security and availability
Lucidscale is powered by Amazon Web Services (AWS), the industry’s leading provider of secure computing infrastructure. AWS provides stringent security measures, which include the following certifications:
- SOC 2 audits
- Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS)
- ISO 27001 certification
- U.S. General Services Administration FISMA-Moderate level operation authorization
To learn more about the security procedures employed by AWS, please review their documentation.
Visibility and control
Lucid Enterprise features allow you to maintain governance of your accounts so you can better adhere to compliance requirements. These features include document sharing restrictions, allowed IP restrictions, and allowed domains. We offer Key Management Service (KMS), which allows customers to control their own unique encryption keys to add an additional level of security.