Print this page or choose "Save as PDF" to forward the fact sheet to your IT or data protection officer.

Security & compliance

Technical data sheet: Data security & infrastructure

LexLogik – The sovereign solution for holders of professional secrecy

This document is intended for submission to IT security officers and data protection officers for review of the technical and organisational measures (TOMs) of the LexLogik platform.

1. Hosting & infrastructure

LexLogik pursues an approach of full digital sovereignty. We do not use US-based cloud services (such as AWS, Azure or Google Cloud) for data processing.

Server location: Nuremberg, Germany.
Data centre partner: Hetzner Online GmbH.
Certification: The data centre is certified to ISO 27001 (security management standard).
Network security: Servers are behind a dedicated firewall architecture; access is restricted to necessary system administrators via encrypted VPN tunnels.

2. The LexLogik data cycle (zero-retention)

Our architecture is designed for minimal data retention. We do not operate permanent data silos.

Transport: Document transfer is via TLS 1.3 encrypted connection (end-to-end).
Processing: During the three-stage validation (dual OCR + AI logic check), data is processed temporarily in RAM and on encrypted SSD partitions (AES-256).
Deletion: Immediately after completion of text extraction and provision of the download, the source file and processing result are irrevocably deleted from the server.
No AI training: We never use customer data to train our AI models. The models are pre-trained and run in a closed instance.

3. Compliance & legal framework

LexLogik meets the special requirements for persons professionally entrusted with secrets (§ 53 StPO).

§ 43e BRAO conformity: Our technical measures support compliance with attorney confidentiality when engaging service providers.
GDPR: We provide a standard data processing agreement (DPA) under Art. 28 GDPR.
Confidentiality commitment: All LexLogik staff and administrators are contractually bound to data secrecy and the special protection duties for holders of professional secrecy.

4. Technical points for IT

Authentication: Multi-factor authentication (MFA) is supported for all user access.
Interfaces: Processing uses a proprietary architecture; no external AI APIs (e.g. OpenAI) are called for text analysis.
Availability: Redundant connectivity to the data centre infrastructure for maximum resilience.

Contact for technical enquiries

Jonas Regul / Clemens Schmid

Email: info@lexlogik.com

Website: lexlogik.com

← Back to Security & compliance