How we protect your firm’s and your clients’ data.
Maggie uses multi-tenant architecture. Your firm’s data is strictly isolated from other tenants. Access is controlled by role (admin, lawyer, paralegal, client) and by tenant.
Data in transit is protected with TLS (HTTPS). We recommend that production deployments use SSL/TLS and that databases and backups are encrypted at rest where supported.
Staff access uses JWT-based sessions with configurable expiry. Two-factor authentication (2FA) is available for staff accounts. Client portal access is separate and limited to their own cases and invoices.
The platform supports audit logging of sensitive actions so you can review who did what and when. Use the audit features in your dashboard to meet internal and compliance requirements.
When you use self-hosted Ollama, all AI processing runs on your own infrastructure. Your data does not leave your environment. You control where and how the AI is used.
Maggie is designed with legal practice in mind. You remain responsible for ensuring your use meets applicable rules (e.g. bar, notary, data protection). We recommend reviewing our terms and privacy policy and configuring backups and retention to match your obligations.
Contact us for security or compliance questions.