LexLaw
Log in Join Now
Trust

Security at LexLaw

Last updated 2 June 2026

Legal work is sensitive. We build LexLaw so your matters and queries stay confidential, isolated and under your control. This page summarises how we protect your data.

Encryption Authentication Data isolation AI & your data Infrastructure Access control Responsible disclosure Contact

Encryption in transit and at rest

All traffic between your browser and LexLaw is encrypted with TLS (HTTPS). Data stored in our database and object storage is encrypted at rest. Passwords are never stored in plain text: they are salted and hashed by our authentication provider.

Authentication

Accounts are protected by email-and-password authentication with email confirmation, backed by a managed authentication service. Sessions use signed, expiring tokens that refresh securely. We support secure password reset, and we recommend a strong, unique password for your account.

Data isolation

Customer data is separated at the database layer using row-level security, so each account can only reach its own matters, documents and research. Authorisation is enforced on the server for every request, not just hidden in the interface.

AI and your data

When you use LexLaw's AI features, your queries and the relevant content are processed only to produce your result, by us and by trusted providers acting on our instructions under confidentiality terms. We do not sell your data and we do not use your content to train publicly available AI models. See our Privacy Policy for detail.

Infrastructure

LexLaw runs on reputable managed cloud infrastructure with automated backups and monitoring. We keep our platform and dependencies patched, and we apply the principle of least privilege across our systems.

Access control

Internal access to production systems and customer data is restricted to staff who need it to operate or support the service, is logged, and is removed when no longer required.

Responsible disclosure

If you believe you have found a security vulnerability, please tell us before disclosing it publicly. Email security@lex-law.com.au with details and steps to reproduce. We will acknowledge your report, investigate, and keep you updated. We are grateful to researchers who help us keep LexLaw safe and will not pursue good-faith research that respects our users' privacy.

Questions

For security or compliance enquiries, contact security@lex-law.com.au. Detailed security documentation is available to customers on request.