
What happens to your data when you use Lexity

Ankita Mehta · May 15, 2026 · 8 min read

Most legal-AI vendors answer the "what happens to my data" question with a slide deck full of acronyms. We would rather give you five sentences you can repeat to a partner, a client, or a compliance officer who asks. This post walks through each one, with the architecture behind it.

Before we get into the architecture, a quick word from a few of the lawyers who actually use the platform, on what trust looks like to them in practice:

I can trust that when I upload a document here, it is not going to be in a shared LLM space, and it is not going to be shared with other people. With Lexity, the client-attorney privilege is already solved.

Nilofaur Balouch
Of Counsel, SMBC Law Firm Geneva

1. Your data is never used to train an AI model

Not by us, and not by the LLM providers we sit on top of. Lexity uses every model provider under the same set of limitations:

  • No customer data is stored on the processor side.
  • No data processed through Lexity is used for fine-tuning or training the underlying LLMs.

Each provider is contractually prohibited from using any data sent to them for model training. We use Vertex AI and Azure AI Foundry as our access layers. On Vertex AI, Lexity applies what Google calls the "Corporate Grade" exemption, which excludes our traffic from human prompt monitoring or logging. On Azure AI Foundry, prompts do not flow to OpenAI's public API endpoints. They remain inside the Azure compliance boundary, and input data is deleted immediately after processing and return.

You're working with a company that is GDPR compliant, has ISO certificates, so you feel comfortable in terms of data privacy and data protection. They're not one of those giant companies, Google, Claude, where you never know the accountability. That is critical for lawyers: feeling comfortable sharing documents, knowing who you're sharing them with.

2. No human at Lexity ever reads your documents

There is a difference between a vendor saying "we don't read your documents" and a vendor whose architecture makes reading them the exception, not the default. The first is a promise. The second is architecture. Lexity's architecture is built so that no employee can access customer data without explicit permission from the client.

When a lawyer drops a file into a SaaS product, three different sets of humans could, in principle, end up looking at it: the vendor's engineers, the vendor's support staff, and humans at the underlying AI provider. Each path is limited by strict guards, and every privileged action is recorded under our "All-Logs-Recorded" rule as part of our certification requirements.

Engineering. Production environments are fully isolated from development. Technical controls prevent engineering staff from querying customer datasets directly. Any privileged action that does happen is logged. The default permission for an employee is "no access to anything sensitive," and any deviation from that default is an event, not a routine.

Support. Lexity support starts with the same permission level as everyone else: none, to your data. When a ticket needs access to something specific in your workspace, it is granted via a break-glass approval, which is, in our auditors' language, "explicit, time-bound, and logged." When the ticket closes, the access closes.

AI providers. Covered in §1 above: no training, no human prompt monitoring on Vertex AI (Corporate Grade exemption), no flow to OpenAI's public endpoints on Azure AI Foundry, and immediate deletion after processing.

With Lexity, the client-attorney privilege is already solved. I can trust that when I upload a document here, it is not going to be in a shared LLM space, and it is not going to be shared with other people. I am already safe in uploading my documents, because this is very important to me.

3. Your data stays in Switzerland

Every customer document, every Clickflow™ result, every workspace artefact is stored on Microsoft Azure, Switzerland North region. That is a data centre on Swiss soil, with Lexity as the controller of what sits inside it.

Two extra specifics, because they matter:

  • Persistent storage is encrypted at rest with AES-256.
  • The storage is not exposed to the public internet. Access goes through Azure's private networking.

Your data is in Switzerland, encrypted, behind a private boundary. It is also never commingled with another client's data: each customer's data lives in isolated environments.

All of the above is continuously monitored. As a validation of, and a commitment to, this standard of security, Lexity regularly undergoes independent security audits that re-validate the state of the architecture.

As a Swiss-based entity, Lexity operates under the Swiss Federal Act on Data Protection (FADP). In the words of our own external due-diligence summary, the Swiss FADP "often exceeds EU GDPR requirements."

Because of the security Lexity has, it is something that they can trust, and they can make sure that their data stays in Switzerland. It doesn't go abroad, it isn't sent to the US, and there will be no professional-secrecy violation.

The framing matters. The defensible line for a Swiss-based arbitrator is not "my files are on a Swiss server." It is "there will be no professional-secrecy violation." That is the framing every careful firm has to be able to give a regulator or a client.

For me two things are essential. First, the company I'm working with, Lexity, is a Swiss company, which gives me as a Swiss lawyer a certain comfort, knowing who is my contractual counterparty. And then, of course, the way Lexity offers to treat the documents, the certificates Lexity provides, are essential for me. Without this standard that Lexity provides, I would for sure not use AI as I use it now, because it would not give me the comfort I need to work with AI.

4. Your data is deleted when your contract ends

We do not keep "anonymised research sets" or "archive copies." When a customer relationship ends, the customer data goes with it. If you want a copy of your workspace before you leave, ask. If you want it wiped sooner, ask.

5. Everything is encrypted, in transit and at rest

TLS 1.2 or higher is used for uploads and for all external and internal communications. Storage uses AES-256 encryption on every database and storage blob. Databases are not exposed to the public internet; access goes through Azure's private networking only.


How we keep this honest

We do not expect you to take any of the above on faith. A few external signals back it up:

  • ISO 27001 certified. Globally recognised standard for information security management, audited by an independent body.
  • SOC 2 Type II audit in progress. Operationally focused attestation of controls over time.
  • Continuous monitoring via Vanta. Automated checks that the controls are still active across our infrastructure, endpoints, and identity providers.
  • Annual penetration tests by independent third-party security firms. Reports available under NDA.
  • Public Trust Center at trust.lexity.ai. Real-time security posture, monitoring data, and compliance artefacts. No login.

For deeper diligence, ask. We share the full ISO 27001 certificate, the SIG Lite / CAIQ questionnaire, and the penetration-test executive summary under NDA.

Within GLF we have a couple of people who are very savvy about this. They had a good look at Lexity, and were very happy with the security and confidentiality. It is a great comfort to me, and we communicate that to all of the funders and law firms we deal with. It is one of the biggest talking points in AI in the legal sector at the moment.

What to take away

You can run your most sensitive matters through Lexity and know that, by construction:

  • Your data does not train any AI model.
  • No Lexity engineer, support agent, or AI provider human-reviewer sees what you wrote.
  • Your data sits on Swiss soil, encrypted, behind private networking, isolated from other clients.
  • It is deleted when your contract ends.
  • It is encrypted at rest and in transit.

It is not a culture statement. It is a wiring diagram.


Questions or specific diligence requests? Email security@lexity.ai or visit the Trust Center.