logo+381 60 5560 035

Security

Your data is in safe hands

Factum (SaaS platform) applies a certified Information Security Management System (ISMS) and technical data protection measures.

Download Statement (PDF)
Security Contact
ISO/IEC 27001:2022

Certified ISMS

EU Infrastructure

Hetzner (DE/EU) + Google Cloud

Encryption

AES-256 (at-rest) + TLS 1.3 (in-transit)

Incidents

Notification within 24 hours

AES-256
ISO 27001

Certified and Managed Processes

FAKTUM DOO has a fully implemented and certified ISMS according to the international standard for information security.

ISO/IEC 27001:2022

Certificate numberIC-IS-2511022
IssuerINTERCERT
Valid untilNovember 03, 2028.
Scope:

Design, development, support and maintenance of digital legal services.

Document

STATEMENT OF INFORMATION SECURITY AND TECHNICAL MEASURES

DOWNLOAD STATEMENT (PDF)

Contact point

Data Protection Officer (DPO)

Metodij Ristomanov

dpo@factum.law

Send email

Confidential Storage and Infrastructure

Factum uses modern cloud infrastructure with high levels of physical protection and compliance.

EU Hosting

Primary services and databases are hosted at Hetzner Online GmbH (Germany/EU) and Google Cloud Platform (GCP).

Physical Security

Data centers are protected with 24/7 physical security, access control, and video surveillance.

Data Storage Compliance

Data is stored in accordance with European regulations and ZZLP.

Legal-Oriented Technical Protection

Practical measures that support confidentiality, integrity, and availability of data.

At-rest Енкрипција

At-rest (AES-256)

All data stored in databases and file systems is encrypted with AES-256.

In-transit (TLS 1.3 / HTTPS)

All communication between the user and servers takes place via TLS 1.3 (HTTPS).

Автентикација и Пристап

Authentication

Google OAuth 2.0 or Magic Link for authentication.

Least Privilege

Access to data only when strictly necessary for technical support, regulated by internal policies and NDA.

Segregation (RLS)

Row Level Security (RLS) prevents one client from accessing another client's data.

Your Data. Your Decisions.

Practical measures that support confidentiality, integrity, and availability.

Vulnerability Scanning

Regular scanning of third-party libraries and components for known vulnerabilities (CVEs).

Code Review + Testing

Mandatory Code Review and testing in an isolated environment before production.

Patch Management

Regular updating of systems and servers with the latest security patches.

Backups + Recovery

Daily automatic backups, Point-in-Time Recovery, and Disaster Recovery procedures.

Incidents and Notifications

Procedures exist for the detection, reporting, and resolution of security incidents.

Every security incident will be reported to the Client within 24 hours of discovery, in accordance with legal deadlines and GDPR.

Sub-processors (AI Models)

Factum uses AI models for text processing, with contractual restrictions and technical measures.

Providers

Regular scanning of third-party libraries and components for known vulnerabilities (CVEs).

Encryption in Transit

Data is encrypted during transit.

No Training

Customer data is NOT used to train AI models.

FAQ

Frequently asked questions about Factum security.

Have security questions?

Contact the Data Protection Officer (DPO) for questions related to security and incidents.

dpo@factum.law

FAKTUM DOO Skopje Manager: Dimitar Chukov

   Trust is built through experience

+

users

+

daily users

%

accuracy in legal reference

Contact us

Suzana Joshevska Anastasovska

Attorney, Skopje

„Factum has significantly changed the way I work – processes are faster, documentation is more organized, and communication with clients is clearer. Instead of getting lost in routine tasks, I can devote more time to the essence of the cases and to developing the legal strategy.”

Darko Konstantinovich

Law firm Konstantinovic & Milosevski

„With Factum, I have managed to bring a new level of efficiency into the office. Work flows more clearly, documents are prepared faster, and the team has a better overview of all cases. Most importantly, we have gained more time for quality legal analysis and client counseling.“

MA. Ivica Medarski

Compliance Manager (Macedonia Insurance AD Skopje – Vienna Insurance Group)

„Macedonia Insurance AD Skopje – Vienna Insurance Group believes that investing in information and communication technology enhances organizational processes. We strive to use new and innovative solutions that contribute to efficient and effective operations. Law and positive regulations are at the core of our primary activity. Collaboration with Factum AI contributes to the automation of the legal research we urgently need, accelerates the process of analyzing legal documents and regulations, and enables the effective resolution of legal issues we face on a daily basis.”

Irena Vasovska

General Legal Affairs Senior Associate (Sparkasse Bank AD Skopje)

„Sparkasse Bank bases its market position on the principles of trust, stability, and compliance with the highest professional standards, with a strategic focus on continuous investment in advanced technological solutions. The introduction of Factum AI as part of our daily operations has provided us with instant, precise, and verifiable answers to questions from the complex domestic regulations, which is of immeasurable value to our team. This means less time spent on research, minimized risk of errors, and stronger confidence in our overall operations.”

Factum

Save time on legal analysis

Check the contract and highlight risky clauses.

Is the privacy policy compliant with the law?

How to file a lawsuit for unpaid wages?

Subscribe
Login