Built for the strictest standard in business: client privilege.
EU-hosted infrastructure. AES-256 encryption at rest, TLS 1.3 in transit. Tenant isolation. No model training on your data. Every detail below — no marketing language.
Built on certified infrastructure. Our own audits in progress.
GDPR
EU-hosted infrastructure (Frankfurt, Germany). Fully compliant with GDPR. DPA signed on every Pro and Enterprise plan.
ISO 27001
Our infrastructure provider, Supabase, is ISO 27001 certified. LeadLex’s own ISO 27001 audit is targeted for Q4 2026. Full audit reports available under NDA.
SOC 2 Type 2
Our infrastructure provider, Supabase, holds SOC 2 Type 2. LeadLex’s own SOC 2 Type 2 audit is targeted for Q4 2026. Trust report available under NDA.
Encryption
AES-256 encryption at rest. TLS 1.3 in transit. Per-tenant encryption keys. BYOK available on Enterprise.
Trusted data storage
EU-hosted infrastructure
All data processed and stored within the European Union. No cross-border transfers without explicit consent.
Complete tenant isolation
Your firm’s data is never accessible to other organizations — not even for aggregate analysis.
No model training
Your confidential data remains secure and private. LeadLex will not use your data to train or fine-tune any AI models.
Legal-grade security
Your approval required
Access to customer data is strictly controlled and only granted to engineers with written customer approval for support-related issues.
Regular security audits
LeadLex undergoes semi-annual penetration tests covering the full platform scope and follows an “assume breach” methodology to proactively identify risks.
AI data processing
Lexi runs on Anthropic’s Claude under a zero-retention agreement. Your conversations are processed in real time, never retained by Anthropic, and never used to train any AI models — Anthropic’s or anyone else’s.
Full audit logging
Every user and agent action is logged. Control what each team member can see — partners see everything, associates see their clients. Lexi respects the same access rules.
Full ownership and flexibility
LeadLex supports SSO (SAML 2.0) on all Pro and Enterprise plans, with DPA included. You control where your data is stored, for how long, how the encryption key is managed, and you have full visibility over how your data is handled throughout the platform. BYOK encryption is available on Enterprise plans.
You maintain control over your data at all times.
Data retention
Set and manage data retention periods to align with your internal policies and regulatory requirements.
Data governance
Real-time insight into who’s accessing your data and when. Full transparency across the platform.
Encryption management
Manage your own encryption keys with our BYOK option to keep sensitive data protected at all times.
User authentication
SSO integration gives you complete control over user authentication and access management.
FAQ
All data is encrypted in transit using TLS 1.3 and at rest with AES-256 encryption. For customers who require additional control, we offer the option to encrypt data with your own encryption keys.
Your data is stored in isolated tenants within EU infrastructure. We will never access your data without your explicit written consent. All processing is logged and auditable.
Lexi’s responses are grounded in cited data sources. Every recommendation includes the reasoning and source, allowing your team to verify conclusions before acting.
You can export all your data at any time. Upon contract termination, we securely delete all firm data within 30 days, ensuring you retain everything you need.