SECURITY ARCHITECTURE

Technical Documentation

Understand how LexAI protects your data with zero-knowledge architecture, EU-only infrastructure, and encryption that keeps your information private - even from us. Built for organizations that require the highest level of data security.


Zero-Knowledge Architecture

We Can't Access Your Data - By Design

LexAI is built on a fundamental principle: we should never be able to read your data. Your conversations, documents, and legal research are encrypted with keys that only you control. Even under a court order, all we could provide is encrypted data that we cannot decrypt.

This isn't just a feature - it's the foundation of how we protect attorney-client privilege and ensure your sensitive legal information remains truly confidential.

Core Principle

Client-Side Encryption

Your data is encrypted before it ever leaves your browser. We store only encrypted blobs that we cannot read. The encryption keys are derived from your credentials and never transmitted to our servers.

AES-256
End-to-End
Zero Access
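
As an added illustration (not LexAI's code or published design), here is one way a browser client could implement the scheme described above with the Web Crypto API. PBKDF2-SHA-256, the iteration count, AES-256-GCM, the `iv || ciphertext` blob layout and the record-id binding are all assumptions; the page states only AES-256 and credential-derived keys.

```javascript
// Added example: an assumed scheme, not LexAI's implementation.
// Uses Web Crypto (browser, or Node via the fallback below).
const webcrypto = globalThis.crypto?.subtle
  ? globalThis.crypto
  : require('node:crypto').webcrypto; // older Node fallback

const KDF_ITERATIONS = 600000; // assumed PBKDF2 work factor
const IV_BYTES = 12;           // standard AES-GCM nonce size
const enc = new TextEncoder();

// Derive a non-extractable AES-256 key from the passphrase and a per-user salt.
// The salt is not secret and can be stored server-side; the passphrase cannot.
async function deriveKey(passphrase, salt, iterations = KDF_ITERATIONS) {
  const material = await webcrypto.subtle.importKey(
    'raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return webcrypto.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material,
    { name: 'AES-GCM', length: 256 },
    false, // key bytes can never be exported by page script
    ['encrypt', 'decrypt']);
}

// Encrypt in the client. The returned blob (iv || ciphertext+tag) is the only
// thing uploaded. recordId is bound as associated data, so a server that
// swaps blobs between records is detected at decryption time.
async function encryptBlob(key, plaintext, recordId) {
  const iv = webcrypto.getRandomValues(new Uint8Array(IV_BYTES));
  const ct = await webcrypto.subtle.encrypt(
    { name: 'AES-GCM', iv, additionalData: enc.encode(recordId) },
    key, enc.encode(plaintext));
  const blob = new Uint8Array(IV_BYTES + ct.byteLength);
  blob.set(iv, 0);
  blob.set(new Uint8Array(ct), IV_BYTES);
  return blob;
}

// Decrypt in the client. Rejects on a wrong key, a modified blob,
// or a blob replayed under a different recordId.
async function decryptBlob(key, blob, recordId) {
  const pt = await webcrypto.subtle.decrypt(
    { name: 'AES-GCM', iv: blob.slice(0, IV_BYTES),
      additionalData: enc.encode(recordId) },
    key, blob.slice(IV_BYTES));
  return new TextDecoder().decode(pt);
}
```
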

No Third-Party APIs

Your data never touches external services.

Open-Source AI

Auditable, transparent AI models.

Where Your Data Lives

100% German & European Servers

Every component of LexAI infrastructure is hosted within the European Union, primarily in Germany. We own our servers - no shared cloud infrastructure where your data could be exposed.

Your data never leaves EU jurisdiction, ensuring full GDPR compliance and protection under European data protection laws.

1. Your Browser

Client-side application hosted on Vercel - serves only static code. No sensitive data is processed here.

2. Hetzner Germany

Our own servers in German data centers. Backend logic, open-source AI models, and RAG vector database all run here under our control.

3. Supabase Frankfurt

Database hosted on Supabase's Frankfurt servers. Only encrypted data blobs are stored - we cannot read the contents.

What We Store vs. What We Don't

Minimal Data, Maximum Protection

We follow a strict data minimization principle. We only store what's legally required and technically necessary - nothing more. We don't track IP addresses, user agents, or browsing behavior for legitimate users.

Under a court order, the only data we can provide is: your username/email and encrypted blobs we literally cannot decrypt. Your actual conversations and documents remain completely inaccessible.


What We Store

Username & Email - For account access
Encrypted Data Blobs - We can't read them
Subscription Status - For billing only

What We DON'T Store

IP Addresses - Not tracked for users
User Agents - No browser fingerprinting
Decrypted Content - Technically impossible
Third-Party Analytics - No external trackers

Real-Time Redaction

Every message is filtered before reaching the AI. Names, IDs, addresses, and other PII are replaced with placeholders automatically.

Court Order Scenario

If legally compelled, we can only provide encrypted data that we cannot decrypt. Your content remains protected even under legal pressure.

Built for Strict Security Audits

Attorney-Client Privilege Protected

LexAI is designed to meet the strictest security requirements. Our architecture ensures that attorney-client privilege is technically enforced - not just promised. We welcome security audits and can provide detailed documentation of our security measures.

We're ready to work with your security team to demonstrate our compliance with your organization's requirements.


GDPR Compliant

Full compliance with EU data protection regulations. All data processed and stored within EU jurisdiction.

Attorney-Client Privilege

Our zero-knowledge architecture ensures privileged communications remain confidential by technical design.

Audit Ready

Comprehensive documentation available. We welcome third-party security assessments and penetration testing.

Minimal Data Retention

We only keep what's legally required. Request data deletion anytime - we comply promptly.

Request Security Documentation

Have questions about our security architecture? Need documentation for your compliance team? We're happy to provide detailed technical information and schedule security reviews.

Security Whitepaper Detailed architecture documentation
Technical Q&A Direct answers from our team
Security Audit Support Cooperation with your security team

Prefer email? Contact us directly at support@lexaitechnologies.com
