Data Security Statement AU/NZ

Arken is a cloud service provided by Arken.legal Limited. Businesses can register to use Arken and are required to complete a business profile, purchase subscriptions and pay any relevant fees. With a valid subscription Arken can be used to draft and download completed documents.

Arken utilises an intelligent, interactive questionnaire front end whereby a user can input information, make selections and choose options relevant to their client’s circumstances and requirements. There is continual interaction between the front end and the server to present to the user relevant questions based on previously entered information, selections made and chosen options. At the same time, the document generation engine dynamically drafts the document, presenting the same to the user on-screen in real time.

Data Security

Overview

Arken.legal is committed to the security of our client’s data. We take a “defence in depth” approach to protecting our systems and your data. Multiple layers of security controls protect access to and within our environment, including physical and network security, firewalls and intrusion protection systems.

Arken‘s security services are configured, monitored and maintained according to good industry practice. We utilise industry-leading vendors to leverage their expertise and global threat intelligence to protect our systems.

You control access

As a client of Arken you have flexibility and control of the users of the system. On registration, a Primary User is created to hold the subscription. The Primary User can invite unlimited users into your account and has control over who has access and what they are able to do. Please see our Privacy Policy for further information.

User authentication

User access to Arken is through a login and password. Users are responsible for maintaining the security of their own login information.

Data encryption

We encrypt all data communication between you and Arken using the latest industry-standard SSL & TLS 1.3 (Transport Security Layer) with HSTS (HTTP Strict Transport Security) for enhanced security.

Facilities

Arken.legal uses enterprise-grade hosting facilities that are PCI and ISO accredited and employ robust physical security controls to prevent physical access to the servers and redundant power, air conditioning and communications. Controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits.

All data is held only in Australia with servers, application and data replicated across multiple isolated locations. Arken employs redundancy and backup strategies to minimise the risk of data loss or outages.

People and access

Arken.legal maintains administration accounts on the service only for purposes of application health monitoring and performing system or application maintenance, or upon customer request via our support system.

Within Arken.legal, only authorised Arken.legal personnel have access to application data which is strictly limited to essential personnel only and only from Arken.legal equipment.

Monitoring

Arken.legal continuously monitor event logs, notifications, and alerts from all system to identify and manage threats.

Removal of client data

Client data will be removed in accordance with our Privacy Policy.