Products

AI Legal Chat
Document Analysis
Legal Research
Project Management
Legal Sources
Security
Pricing

Solutions

Law Firms
Corporate Legal
Legal Students
Small Business
Enterprise

Resources

Documentation
Training
FAQ
Support
Contact

Company

Our Story
Careers
Privacy Policy
Terms of Service
Vulnerability Disclosure

Quick heads up! We save your preferences locally - theme, language, text size, and your explorer progress. Nothing leaves your browser, nothing gets tracked. Cookies? Your honor, we object - we're privacy first. Learn more

Accessibility
Font Size
100%
Quick Contact
Email Us support@lexaitechnologies.com
Contact Form Send us a message
Enterprise Custom solutions
Link copied to clipboard!
Jump to Section
Home Architecture Infrastructure Security Compliance Contact ROI Calculator
SECURITY ARCHITECTURE

Technical Documentation

Understand how LexAI protects your data with zero-knowledge architecture, EU-only infrastructure, and encryption that keeps your information private - even from us. Built for organizations that require the highest level of data security.

Zero-Knowledge
EU Infrastructure
No Third-Party APIs
View Architecture Request Security Audit
EU Only All Data in Germany
Zero Third-Party APIs
Can't Decrypt Even Under Court Order
Security First
Lexi - Your AI Assistant
Zero-Knowledge Architecture
Architecture System design
Infrastructure EU-hosted servers
Security Data protection
Compliance GDPR & more
Contact Get in touch
CORE PRINCIPLE

Zero-Knowledge Architecture

We Can't Access Your Data - By Design

LexAI is built on a fundamental principle: we should never be able to read your data. Your conversations, documents, and legal research are encrypted with keys that only you control. Even under a court order, all we could provide is encrypted data that we cannot decrypt.

This isn't just a feature - it's the foundation of how we protect attorney-client privilege and ensure your sensitive legal information remains truly confidential.

View Infrastructure Details
Core Principle

Client-Side Encryption

Your data is encrypted before it ever leaves your browser. We store only encrypted blobs that we cannot read. The encryption keys are derived from your credentials and never transmitted to our servers.

AES-256
End-to-End
Zero Access

No Third-Party APIs

Your data never touches external services.

Open-Source AI

Auditable, transparent AI models.

EU-ONLY INFRASTRUCTURE

Where Your Data Lives

Every component of LexAI runs within the European Union. We own our servers - no shared cloud where your data could be exposed.

100% German & European servers
Full GDPR compliance guaranteed
Data never leaves EU jurisdiction
Our own hardware - no shared cloud
Security Details
1

Your Browser

Client-side application hosted on Vercel - serves only static code. No sensitive data is processed here.

2

Hetzner Germany

Our own servers in German data centers. Backend logic, open-source AI models, and RAG vector database all run here under our control.

3

Supabase Frankfurt

Database hosted on Supabase's Frankfurt servers. Only encrypted data blobs are stored - we cannot read the contents.

SECURITY DEEP-DIVE

What We Store vs. What We Don't

Minimal Data, Maximum Protection

We follow a strict data minimization principle. We only store what's legally required and technically necessary - nothing more. We don't track IP addresses, user agents, or browsing behavior for legitimate users.

Under a court order, the only data we can provide is: your username/email and encrypted blobs we literally cannot decrypt. Your actual conversations and documents remain completely inaccessible.

View Compliance Info

What We Store

Username & Email - For account access
Encrypted Data Blobs - We can't read them
Subscription Status - For billing only

What We DON'T Store

IP Addresses - Not tracked for users
User Agents - No browser fingerprinting
Decrypted Content - Technically impossible
Third-Party Analytics - No external trackers

Real-Time Redaction

Every message is filtered before reaching the AI. Names, IDs, addresses, and other PII are replaced with placeholders automatically.

Court Order Scenario

If legally compelled, we can only provide encrypted data that we cannot decrypt. Your content remains protected even under legal pressure.

COMPLIANCE & TRUST

Built for Strict Security Audits

Attorney-Client Privilege Protected

LexAI is designed to meet the strictest security requirements. Our architecture ensures that attorney-client privilege is technically enforced - not just promised. We welcome security audits and can provide detailed documentation of our security measures.

We're ready to work with your security team to demonstrate our compliance with your organization's requirements.

Request Security Review

GDPR Compliant

Full compliance with EU data protection regulations. All data processed and stored within EU jurisdiction.

Attorney-Client Privilege

Our zero-knowledge architecture ensures privileged communications remain confidential by technical design.

Audit Ready

Comprehensive documentation available. We welcome third-party security assessments and penetration testing.

Minimal Data Retention

We only keep what's legally required. Request data deletion anytime - we comply promptly.

ASK US ANYTHING

Ask Us Anything About Security

Privacy and security aren't marketing checkboxes – they're foundational to how LexAI was built, from day one. We'll walk you through the details most vendors won't discuss.

Direct answers from engineers who built it
Full technical documentation available under NDA
No scripted responses or sales speak
Sensitive details shared under standard NDA

Encryption

How our zero-knowledge encryption actually works, step by step.

Data Location

Exactly where your data lives and who has physical access.

Access Controls

Who can access what, and the audit trails we maintain.

NDA Documentation

Architecture diagrams and security policies for serious evaluators.

Architecture

System design, infrastructure, and how components interact.

Encryption Methods

Cryptographic protocols, key management, and implementation details.

Data Residency

Where data is stored, processed, and how it moves.

Audit Results

Penetration test results and security audits under NDA.

TECHNICAL EVALUATION

Your Tech Person Can Talk to Ours

If you have an IT consultant or technical advisor who wants to evaluate us before you commit, have them reach out. We'll have a real technical conversation.

Engineer-to-engineer, not sales-to-advisor
Security documentation available under NDA
Penetration test results for qualified evaluators
No gatekeeping on technical questions
GET IN TOUCH

Request Security Documentation

Have questions about our security architecture? Need documentation for your compliance team? We're happy to provide detailed technical information and schedule security reviews.

Security Whitepaper - Detailed architecture documentation
Technical Q&A - Direct answers from our team
Security Audit Support - Cooperation with your security team

Prefer email? Contact us directly at
support@lexaitechnologies.com

Need Help?

English or Czech / Anglicky nebo česky

Security Whitepaper
Security Whitepaper
Security Audit Cooperation
Technical Questions
Compliance Documentation
Other

By submitting, you agree to our Privacy Policy