Migrawise
Security & compliance

Your firm's data, protected end-to-end.

How Migrawise stores, encrypts, audits and lets you export your data — designed for Canadian immigration practice and the regulators that audit it.

Data residency: Canada

All data — case files, documents, eSignatures, AI prompts and outputs — is stored in Canadian AWS regions. Required for PIPEDA and IRCC.

Encryption

AES-256 at rest. TLS 1.3 in transit. Credentials, API keys and SMTP secrets encrypted with a separate key tier and never written to logs.

Auth & lockout

Account lockout after 5 failed sign-ins. Optional Cloudflare Turnstile on login, register and forgot-password forms. Sessions expire after 12 hours.

Tenant isolation

Every database query is scoped by tenant_id. Cross-firm data access is structurally impossible. Files live outside the webroot, served only via authenticated APIs.

Audit log

Every authentication event, document read, eSignature, settings change, and AI generation is logged. Export the full audit trail any time.

Data export, no lock-in

One-click export of cases, contacts, documents, invoices and signed envelopes. Machine-readable formats. No exit fees, no negotiation.

AI & your data

No model training
Our AI infrastructure runs with the no-training option enabled by contract. Your client data is never used to train, fine-tune or improve any model.
What the AI sees
For each generation, only the relevant context is sent: this case's questionnaire, applicants, document text, your firm's knowledge base, and the IRCC catalogue. Never your other clients' data.
Logs & observability
Prompts and outputs are logged to the audit trail (firm-side only) so you can review what the AI saw and produced. Provider-side logs are minimal and follow their enterprise data-handling policy.
Per-section limits
Hard daily limits prevent runaway prompts and accidental cost spikes. Configurable per plan tier.

Compliance

PIPEDA-aligned
Data handling follows the Personal Information Protection and Electronic Documents Act. Client data stays in Canada, retention is bounded, deletion is verifiable.
CICC retention
Closed cases are retained for 6 years by default, per CICC requirements, and are auto-purged after that window unless you extend it. Retention events are logged.
eSignature & legal validity
eSignatures are PIPEDA / UETA / ESIGN Act compliant. Every envelope has a certificate of completion with timestamp, IP, signer details and document hash, retained alongside the signed file.
Permission roles
15 permission modules (cases, contacts, documents, invoices, eSign, messages, calendar, email, reports, knowledge, library, AI, questionnaires, IRCC forms, audit log) with per-role overrides.
SOC 2
Type II audit on the roadmap. Speak to us if you need details for a procurement review.

Reporting a vulnerability

Security researcher? Customer who spotted something? Email [email protected]. We respond within 24 hours and credit responsible disclosure on this page.

Need a deeper security review?

We have a longer compliance brief for procurement teams, including the AI provider's enterprise terms, our incident response policy and our data-handling addendum.
