Secure By Default

Security is the center of everything we build and do – our processes and systems are designed to protect our customers, their clients and their deals.

DDLoop is trusted by top-tier global firms to process, analyse public legal data for fast, smart and reliable due diligence.

Data Residency Icon: A blue icon of a shield with a data network symbol inside, representing secure data storage and localization.

Data Residency

Our servers and data localisation policy ensures secure storage in data centres located in Australia.

World Class Hosting Icon: A blue icon of a server stack, symbolizing high-quality hosting infrastructure.

World Class Hosting

We hold all data in ISO-certified AWS servers, protected by world-class infrastructure, practices and security.

Encryption Icon: A purple icon of a padlock, representing data encryption and security.

Encryption

Data at rest is encrypted using AES-256. Data in transit is encrypted using TLS 1.2 minimum

Secure Development Icon: A blue icon of a terminal or code symbol, representing secure coding practices.

Secure Development

We apply best-in-class coding practices, secure coding guidelines and rigorous access controls.

Privacy Icon: A purple icon of a person with a shield, symbolizing privacy protection.

Privacy

We protect your data with strict privacy standards, ensuring confidentiality and compliance with all regulations.

SSO Support Icon: A purple icon of a card or ID badge, representing Single Sign-On (SSO) support.

SSO Support

Enterprise-grade SSO with SAML and SCIM compatibility to keep user data where you already know and trust.

Seriously Confidential

As former lawyers, we champion customer confidentiality.
While DDLoop uses publicly available data, how you use that information is completely confidential.

What data does the platform use?

DDLoop only collects and transmits:

1.   Publicly available data – information that any member of the public may access, or purchase access to, via the internet (ie non-confidential and non-sensitive). For example, this would include ASIC searches (company extracts), PPSR search results, IP Australia trade mark searches and Google searches.

2.   User inputted project identifiers – optional, pseudonymised information a user can input about a project (ie matter code names such as Project Cannon Ball or Project Red Sparrow or abstract matter numbers) that contain neither confidential Client nor law firm information.

The platform does not allow the user to upload documents to our platform, nor allow any direct interaction with any AI systems/models through prompts.

What happens with my search data?

Your search data is yours. DDLoop does not use or share your data for purposes other than conducting the searches you request and to make sure we're giving you the best services possible.

We use third-party services (for example, Google or the Australian Business Register) to conduct searches. Your searches are governed by the terms and conditions of those third-party services.

Can I request a security review?

Of course! To request additional cybersecurity information, please reach out to support@ddloop.app