top of page

Data and Security

Security is everything to us at Legly. Our customers trust us with their data to provide and continue developing excellent service. We cherish that trust. Therefore, we aim to be as transparent as possible as to what we do with your data. Here you can download our Information security program and see the most frequently asked questions about how we handle your data and security.

Please contact us if you have any questions.

  • Do you comply with GDPR?
    Yes. All your data is stored within the EU (Frankfurt, Germany). We only keep personal information necessary for you to use our services, such as emails and billing information. Our sub-processors comply with GDPR as well, and they only* store encrypted personal data for us with rigorous security; never use it. * With a few isolated exceptions, such as online payment information through Stripe. Stripe’s existing measures include the EU Commission’s approved SCCs to accommodate international data transfers.
  • What happens to my data if I decide to stop using your services?
    Most data is deleted when you terminate your account. Some data is kept afterward, such as billing information we must store for legal reasons. Analyzed data (contracts etc.) used to improve the service are anonymized through the deletion of personal metadata and partitioning/scrambling into pieces that can no longer reveal the full original data.
  • How is my data used in improving the AI service?
    It is used to train the AI to improve classification, identification, extraction, and understanding of legal documents and concepts.
  • Who has access to my data?
    Only very few select staff members have access to your data to ensure smooth operations in case problems arise. As an add-on, we can provide a setup where no one apart from you has access to the uploaded contracts, not even strictly managed key personnel.
  • What kind of personal information do you collect and why?
    We collect names, emails, and phone numbers for each user and the company's billing information. These are used to identify and link companies and individuals with their accounts. Legal documents are required for the actual reviewing process.
  • Is my data encrypted?
    Yes. Stored user data (such as uploaded documents) is encrypted through our database providers with the industry-standard AES-256 algorithm. The data is both encrypted at rest in the database and when accessed, transferred over encrypted channels.
  • Where is my data stored?
    All uploaded data (documents, playbook guidelines, feedback texts, etc.) are stored in AWS Data Centers in Frankfurt, Germany. Personal information needed for identification communication and billing is stored through: Auth0 (identification) in Frankfurt, Germany HubSpot (CRM) data stored in the EU Fortnox (invoicing) in Sweden Stripe (online payments) in the US*. * Regarding the GDPR, Stripe’s existing measures include the EU Commission’s approved SCCs to accommodate international data transfers.
  • Can I request for my data to be deleted?
    Yes. Your account, uploaded documents, and playbook guidelines can be deleted at your request.
  • Do you share my data with third parties?
    No. We use some third-party services to run our service (Auth0 for account authentication and Stripe for billing, for example), but they only see the data necessary for their function.
bottom of page