Security
Structured handling of legally relevant content.
TermShelf isolates tenants rigorously, documents changes, and delivers content through clearly bounded interfaces.
Tenant isolation
Data and operations are consistently separated per workspace.
Workspace permissions
Access is role-based within the context of each workspace.
Audit logs
Operational events are recorded in an auditable way.
Version history
Approved versions remain permanently inspectable.
Immutable snapshots
Snapshots are not modified after the fact.
Rate limiting
Public endpoints are protected against abuse.
Public Delivery separated
Read-only delivery is separated from app and admin functions.
Preview tokens
Preview tokens have limited scope and validity.
Webhook signatures
Webhooks are signed and verifiable.
Data lifecycle
Storage and deletion follow clearly defined lifecycles.
No hidden mutation
History is not overwritten — restoration creates a new draft.
Note on certifications
This page deliberately makes no certification claims. Security and compliance topics are presented factually. Recognised certifications or audits will be added here once available.
Structure builds trust.
Clean separation, auditable history, controlled delivery.