Security Statement

Legion is committed to the security and integrity of customer information within Legion Subscription Services. Legion uses industry best-practice security controls to protect against the loss, misuse, or alteration of the information under our control.

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, Legion has put in place appropriate physical, electronic, and managerial controls to secure the information we collect within the Legion Subscription Services. These controls include the following:

  • Multiple layers of firewalls to segregate and secure network segments based on system roles.
  • All requests to servers are HTTPS (TLS) encrypted, and the data integration uses digital certificates.
  • Role-based administrative access policies and procedures.
    • Hosted on AWS using a secure virtual private cloud.
    • Comprehensive in-house performance, security monitoring, and auditing
  • Intrusion detection and analysis.
  • Web Application Firewall (WAF) for DDoS protection and vulnerability scanning.
  • SOC 2 & ISO 27001 compliant security policy, processes, and procedures.
  • Security auditing performed by independent third-party assessors.

To provide for the availability of service and information within Legion Subscription Services, Legion implements the following:

  • Completion of an annual SOC 2 Type 2 audit.
  • Certification to the ISO/IEC 27001 information security standard.
  • A disaster recovery plan.
  • Detailed backup and recovery strategy.
  • High-availability clustered database servers.
  • Service level agreements with service providers to guarantee service levels.
  • Comprehensive change management and testing policies.
  • 24-hour x 7-day per week support staff for Severity Level 1 issues.

The Subscription Services for Legion products document for the specific Legion Subscription Services you are using contains detailed information concerning policies, procedures, and arbitration in the event of any conflict or substantive translation changes into a non-English language. This document is available by request to customers pursuant to a separate non-disclosure agreement.

If you have any concerns regarding any of the above information, please contact [email protected].

Note: The English version of these Security Disclosures shall govern in the event of any conflict or substantive translation changes into a non-English language.

*****

Last Updated 14 April  2026