Important Note on Data Access
Be aware that if you access the service from outside the EU, data will be exported to your PC or phone using secure encryption.
Our platform has been engineered with comprehensive security and data privacy measures to protect your sensitive legal research.
Last updated: April 5, 2026
Your data is kept private and secure. It is never used for training AI models. Our AI runs on large language models accessed exclusively through AWS Bedrock within EU infrastructure — model providers do not receive or store your data.
Our platform has been engineered with security and data privacy measures to ensure full GDPR compliance.
All your legal research content — documents, queries, and chat history — is stored and processed exclusively within the European Union (AWS Frankfurt, eu-central-1). If you accept analytics cookies, browsing metadata may be processed by third-party analytics providers under EU-US Data Privacy Framework safeguards. See our Privacy Policy for details.
Our infrastructure includes multiple layers of protection against denial-of-service attacks through global CDN for automatic DDoS mitigation and Web Application Firewall (WAF) with managed rule sets and rate limiting to prevent abuse.
Users can at their discretion enable multifactor authentication (MFA) which provides stronger security than the classic username and password. Supported in our own authentication system and when you decide to log in via a personal or enterprise Google account. Our MFA implementation allows MFA via both physical security tokens and MFA applications using biometrics on your phone or personal computer.
Single sign-on (SSO) is supported for Google accounts. If you are a large enterprise, please contact us for further detail regarding support for your authentication system.
All customer data is encrypted both at rest and in transit. We use modern encryption protocols such as TLS 1.3 for maximum security.
We conduct regular security reviews of our code and infrastructure, including automated vulnerability scanning and manual assessments.
We check our code and infrastructure using both real humans and AI. In addition, we use tools such as Snyk to test for vulnerabilities.
Our service is run from ISO 27001:2022 and SOC 2 certified data centres.
Be aware that if you access the service from outside the EU, data will be exported to your PC or phone using secure encryption.