LeadLex
LEGAL

AI Policy

Version 2.0 · 9 June 2026 · Classification: External

Prepared for client due-diligence. This Policy describes how LeadLex's AI assistant ("Lexi") and AI-assisted features process data, the commitments of the AI providers we rely on, and our governance and EU AI Act posture. It complements our DPA, Privacy Policy, and Terms of Service §11 "AI Features". v2.0 supersedes v1.0.


1. Summary for reviewers

  • Your data is never used to train AI models. Our primary provider, Anthropic (Claude), contractually does not train on commercial/API customer inputs or outputs.
  • Short, bounded retention. Anthropic auto-deletes API inputs/outputs within 30 days; Zero-Data-Retention (ZDR) is available on request for eligible workloads.
  • Tenant isolation by design. Each workspace's AI runs in its own isolated instance; no cross-tenant access; no provider key ever sits beside customer data.
  • Human-in-the-loop. Lexi drafts and proposes; outward actions require explicit user confirmation. AI output is assistive, not autonomous.
  • EU-hosted; EU AI Act-aligned. Primary data resides in the EU; prohibited practices are contractually barred; users are told when they are interacting with AI.

2. Scope and definitions

This Policy covers Lexi (the in-product AI assistant) and AI-assisted features (drafting, summarisation, search/embeddings, enrichment, optional voice transcription). "AI Provider" means a third party providing model inference or embeddings (a sub-processor). "Customer Content" means inputs you and your users submit and the outputs generated for you. GDPR terms have their GDPR meaning; AI Act terms their meaning in Regulation (EU) 2024/1689.

3. Roles and lawful basis

For Customer Content, the Customer is controller and LeadLex is processor; AI processing is part of the Service and is governed by the DPA. LeadLex and its AI Providers process Customer Content only to deliver the Service, on the Customer's documented instructions — not to train or improve models. Establishing a lawful basis for the personal data the Customer submits is the Customer's responsibility as controller; LeadLex relies on the DPA and provider terms for the processing it performs.

4. AI providers (sub-processors) and their data commitments

ProviderRoleTrains on your data?RetentionLocation
Anthropic — Claude (primary)LLM inference for LexiNo (commercial/API)Deleted ≤ 30 days; ZDR availableUS
Google — GeminiAutomatic failover inference onlyNo (enterprise/API terms)Per Google enterprise/API termsUS
OpenAIText embeddings (search/memory); optional voice transcriptionNo (API terms)Per OpenAI API termsUS

Current models: primarily Anthropic Claude (Haiku-class) for Lexi, with Google Gemini (2.5 Flash-class) as automatic failover on provider outage or rate-limit, and OpenAI for embeddings and optional voice transcription. Specific model versions evolve; the commitments below apply regardless of version.

Anthropic (Claude) — the substance

Lexi runs primarily on Anthropic's Claude via Anthropic's commercial API, governed by Anthropic's Commercial Terms. The relevant commitments, in Anthropic's own words:

"By default, we will not use your inputs or outputs from our commercial products (e.g. Claude for Work, Anthropic API, Claude Gov, etc.) to train our models." — Anthropic Privacy Center, "Is my data used for model training?"

"…we automatically delete inputs and outputs on our backend within 30 days of receipt or generation" (commercial API), with a Zero-Data-Retention option for eligible commercial keys. — Anthropic Privacy Center, "How long do you store my data?"

The only path by which Anthropic may use commercial content for training is if a customer explicitly submits feedback (e.g. thumbs-up/down). LeadLex does not route Customer Content through any Anthropic feedback channel. Anthropic maintains SOC 2 Type II and ISO 27001; longer retention applies only to content flagged by trust-and-safety systems, as is standard. Google Gemini (failover) and OpenAI (embeddings/voice) operate under enterprise/API terms that do not train on customer API data. The authoritative sub-processor list is at leadlex.com/subprocessors and in the DPA (Annex 3).

5. How Customer Content flows to AI (architecture)

  • Per-workspace isolation. Each workspace's AI agent runs in its own hardware-virtualised instance with a dedicated storage volume; conversations, memory, and files are never co-located across workspaces.
  • Credential isolation via a hardened proxy. Workspace instances never hold a real AI key — only a workspace-scoped, signed token. All model calls pass through an internal proxy (private network only) that validates the token, injects the key, records usage in an append-only log, and returns the response. A compromised workspace exposes only that one workspace's token, which is independently revocable.
  • Egress secret-redaction. Responses are scanned for credential patterns across multiple common secret formats and redacted before reaching a workspace.
  • Spend/abuse controls. Per-request credit checks bound usage and cost.

6. What Lexi can access

Lexi operates only within the requesting user's workspace, under the same PostgreSQL Row-Level Security boundaries as the rest of the CRM (company_id-scoped). It accesses the workspace's own contacts, companies, deals, tasks, meetings, notes, and emails the user is permitted to see, plus files the user explicitly attaches. It cannot reach other customers' data. External and file content is wrapped in explicit "untrusted content" markers and treated as data, not instructions (prompt-injection defence); AI-generated HTML is sanitised before rendering.

7. Confidentiality, no training, no profiling-by-us

  • Customer Content is confidential and used solely to deliver the Service.
  • No model training on Customer Content by LeadLex or its AI Providers (see §4).
  • LeadLex does not sell personal data and does not use Customer Content to build cross-customer profiles. Aggregated, de-identified operational metrics may be used to run and improve the Service.

8. Retention and deletion of AI data

  • Conversation history is workspace-isolated; per-plan retention applies; deletion requests (including data-subject erasure under the DPA/GDPR) are honoured, with an automated self-service erasure flow on our roadmap.
  • At the provider layer: Anthropic deletes API inputs/outputs within 30 days (ZDR available); other providers per their API terms.
  • Data-subject requests relating to AI data follow the DPA; LeadLex assists the Customer in fulfilling them.

9. Human oversight and accuracy (assistive, not autonomous)

  • Confirmation before outward actions — email sends are draft-previewed and require explicit user confirmation; bulk actions require additional confirmation.
  • AI can err. Outputs may be incomplete or incorrect and must be reviewed by a human before being relied upon — especially for legal, financial, or client-facing use. Lexi does not provide legal advice.
  • Runtime hardening — the agent runs unprivileged; its instruction files are read-only; network egress is restricted to approved endpoints.

10. Output and intellectual property

As between the Parties, the Customer owns its inputs and the outputs generated for it, subject to the Principal Agreement and AI-Provider terms. AI-generated output may not be unique and is provided without warranty of accuracy, originality, or fitness for a particular purpose. The Customer is responsible for reviewing outputs before use.

11. EU AI Act posture (Regulation (EU) 2024/1689)

  • Classification. Lexi is an assistive, limited-risk AI system (productivity/drafting). It is not used for purposes listed as high-risk in Annex III, and it is not a prohibited practice under Article 5.
  • Transparency (Art. 50). Users are informed they are interacting with an AI assistant, and AI-generated content is presented as such within the product.
  • Prohibited uses (Art. 5). Customers may not use Lexi for manipulation or deception causing harm, social scoring, untargeted scraping for facial-recognition databases, or other Article 5 practices, nor to violate applicable law (GDPR, anti-spam, etc.). See Terms of Service §8 and §11.
  • General-purpose AI. The underlying models are GPAI supplied by the AI Providers; LeadLex monitors and adapts to AI Act obligations as they phase in (2025–2027).

12. Security of the AI pipeline

Covered by our Technical and Organisational Measures (DPA Annex 2): tenant and compute isolation, credential isolation via the proxy, encryption in transit (TLS 1.3 / mTLS), prompt-injection defences, output sanitisation, egress secret-redaction, rate and credit controls, and audit logging of tool actions.

13. AI incident response

Suspected AI-related incidents (e.g. data exposure via a model integration, prompt-injection exploitation, provider breach) are handled under our incident-response process: containment, assessment, and breach notification to affected customers without undue delay and within 72 hours where a personal-data breach is involved (DPA Section 12).

14. Governance and change management

  • AI providers, models, and this Policy are reviewed at least annually and on material change. New or replacement AI sub-processors follow the DPA's prior-notice and objection process (DPA Section 8.2).
  • Changes that materially affect data handling are reflected here and in the sub-processor list before taking effect.

15. Contact

Security and privacy: lexi@leadlex.com. The DPA and current sub-processor list are available at the links above and on request.


16. Version history

  • v2.0 (9 June 2026): added model inventory, roles and lawful basis, output/IP, EU AI Act classification and transparency, AI incident response, governance and change management, and definitions; expanded retention/DSAR and architecture.
  • v1.0 (8 June 2026): initial standalone AI Policy grounded in Anthropic's published terms.

Sources for the Anthropic commitments above: Anthropic Privacy Center — "Is my data used for model training?" and "How long do you store my organization's data?".

We onboard law firms one at a time.

Applications open. Reviewed every Tuesday.