Security

Built for the sensitivity of immigration data

Your clients trust you with passports, family histories, and legal status. We treat that data with the protection it deserves: isolated per firm, encrypted end to end, and always yours to export.

Encryption everywhere

All data is encrypted in transit with TLS and encrypted at rest in the database. Nothing sensitive travels or sits in the clear.

Strict tenant isolation

Every firm's leads and team are scoped to that firm. Our data layer enforces firm-level separation on every read and write, so no firm can ever see another's cases.

Secure authentication

Passwords are hashed with bcrypt and never stored in plain text. Sessions use signed, httpOnly tokens, and team access is controlled per firm.

Full audit trail

Case activity is recorded so your firm always has a clear, reviewable history of what happened and when.

Your data stays yours

Intaketive processes client data on your behalf, and you remain in control of it. You can export your leads and case records at any time, and we never sell client data or use it to build products for other firms.

The AI intake agent is used only to run intake for your firm. Conversations are stored against your cases, under your firm's account.

Compliance & infrastructure

Intaketive is built on reputable, managed cloud infrastructure and follows SOC 2-ready practices as we grow. Our data handling is designed to align with Canada's federal privacy law (PIPEDA).

We work with a small, vetted set of subprocessors: an AI model provider for the intake agent, an email provider for notifications, and our cloud host. See our Privacy Policy for details on how data is handled.

Report a vulnerability

Found a security issue? We take responsible disclosure seriously and will respond quickly.

[email protected]
© 2026 Intaketive. Navigate every case home.