SECURITY & PRIVACY
Built for lawyers.
Designed for privilege.
Every architecture decision in LexAudit was made with privilege and professional responsibility in mind. Here is exactly how your data is handled.
No document content stored
LexAudit never stores the actual text of your documents or AI outputs. Only metadata is logged: which tool was used, a summary of the prompt, what human edits were made, and who reviewed it. Your documents stay on your systems. Privilege is preserved by architecture, not by policy.
PII redaction before AI inference
Before any matter title, prompt, or human-edits note is sent to Anthropic for the rationale draft, our redaction layer (lib/safe/redact.ts) strips: emails, phone numbers, SSNs, EINs, credit cards, IBANs, India Aadhaar, EU national IDs, UK/US postcodes, and IPv4 addresses. Each match is replaced with a structured token like [PII:EMAIL] so the AI can still reason about structure without seeing values. Per-redaction counts are logged for the audit trail; the original PII is never persisted server-side. This is decision-support — institutional review remains your responsibility for genuinely sensitive matters.
Row-Level Security — firm isolation
Every firm's data is isolated at the database layer using Supabase Row-Level Security (RLS). Firm A cannot access Firm B's data under any circumstance — not even with a valid login token. This is enforced at the Postgres level, not the application layer.
Tamper-evident SHA-256 hashing
Every Compliance Health Score snapshot is hashed using SHA-256 at the moment of generation. The hash is stored alongside the snapshot. Any modification after release will produce a different hash — making tampering immediately detectable.
Infrastructure
LexAudit runs on Vercel (frontend) and Supabase (database/auth). Both hold independently attested SOC 2 Type II reports. Data is encrypted at rest (AES-256) and in transit (TLS 1.3). Supabase is GDPR-compliant and provides EU data residency options on request.
No IT approval required
LexAudit is a web application — no browser extension, no DMS integration, no API connection to Harvey, Legora, or any other AI tool. You log entries manually. This means no data flows between LexAudit and any third-party AI system. Nothing for your IT department to review.
Data portability & deletion
You own your data. Export all matters, logs, and certificates at any time in JSON or CSV format. Request complete account deletion and all associated data is purged within 30 days. We do not sell, license, or share your data with any third party.
QUESTIONS ABOUT SECURITY?
We're happy to discuss our architecture with your IT team or security counsel.
[email protected]