Privacy Policy
Effective date: May 1st, 2026 (Updated)
At Lexity AI, we prioritize your data confidentiality. Kindly review this Data Protection Declaration to learn how we treat your personal data. By utilizing or interacting with our Services in any manner across our platforms (www.lexity.ai, app.lexity.ai and platform.lexity.ai), you acknowledge that you accept the protocols and guidelines outlined below, and you hereby consent that we will collect, use, and share your information as described in this Privacy Policy.
As described in additional detail in this policy:
- We do not sell your data or use it to help other companies advertise to you.
- Zero-Exposure Policy: No Lexity AI employee will ever read or access your personal data or uploaded documents, unless we obtain your explicit, case-by-case permission for debugging or customer support.
- Zero AI Training: Data processed through our AI features is NEVER used to train, fine-tune, or improve our AI models or third-party Large Language Models (LLMs).
- We use standardized cryptographic measures to protect your data in transit and at rest on our EU and Swiss-based Azure servers.
You can exercise your rights in line with the EU General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP), and applicable US state privacy regulations, including the California Consumer Privacy Act (CCPA) and Virginia Consumer Data Protection Act (VCDPA), at any time.
Remember that your use of Lexity AI’s Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.
You have the option to print this Privacy Policy. If you have a disability, you may access this Privacy Policy in an alternative format by contacting privacy@lexity.ai.
What this Privacy Policy Covers
This Declaration encompasses how we treat Individual Data that we obtain when you engage or utilize our Services. “Individual Data” means any data pertaining or connecting to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, or regulations. This Declaration doesn’t encompass the practices of companies we don’t own or control or people we don’t manage.
Individual Data
Categories of Individual Data We Collect
To provide our Services, note that we collect and process Individual Data necessary to execute our Clickflows™, AskDocs feature, and other AI tools.
This chart details the categories of Individual Data that we collect and have collected over the past 12 months:
| Category of Individual Data | Examples of Individual Data We Collect | Categories of Third Parties With Whom We Share this Data |
|---|---|---|
| Profile or Contact Data | First and last name, Email, Corporate affiliation. | Service Providers, Parties You Authorize. |
| Device, IP & System Log Data | IP address, Device ID, Domain server, Type of device / operating system / browser used to access the Services, System logs of user actions. | Service Providers, Web Analytics, Subprocessors (detailed in Trust Center). |
| Data from Connected Productivity Tools & Uploads | Files, documents, emails, messages, and calendar information that you upload or grant access to for processing via AskDocs or Clickflows™. Metadata (e.g., titles, time stamps). | LLM Providers (Strictly for processing; NO training allowed), Parties You Authorize. |
| Financial & Payment Data | Billing address, transaction history. (Note: Credit card details are processed directly by Stripe and are NOT stored by Lexity AI.) | Payment Processors (Stripe). |
| Marketing & Prospect Data | Name, professional email, firm name, employees at the firm and job title collected via website forms. | Service providers (Google Analytics, MixPanel, HubSpot). |
| Other Identifying Information | Identifying information in emails or letters you voluntarily send us. | Service Providers (Twilio, SendGrid). |
Categories of Sources of Individual Data
We gather Individual Data about you from the following types of origins:
You
- When you provide such information directly to us (e.g., creating an Account).
- When you upload documents or input text to execute Clickflows™ or use AskDocs.
- When you voluntarily provide information in free-form text boxes or correspondence.
- When you use the Services and such information is collected automatically (e.g., through Cookies, system logging).
Third Parties & Vendors
- Analytics providers to analyze how you interact and engage with the Services.
- Payment processors (e.g., Stripe) who confirm your Credit purchases or subscription status.
- Customer support integrations.
Parties You Authorize, Access, or Integrate
- If you sign in through a Single Sign-On (SSO) service (like Google or Microsoft), some account content / information may be transmitted to us.
Our Commercial or Business Purposes for Collecting Individual Data
Providing, Customizing, and Improving the Services
- Creating and managing your account, Credit balances, or corporate Subscription.
- Processing orders and billing via third-party payment processors.
- Executing Clickflows™, AI translations, and AskDocs document processing as requested by you.
- Providing support and assistance for the Services.
- Personalizing the Services and communications based on your preferences.
- Fraud protection, security, debugging, and service availability monitoring.
Marketing the Services
- Marketing and selling the Services.
Corresponding with You
- Responding to correspondence, contacting you when necessary, and sending you information about Lexity AI or the Services.
Meeting Legal Requirements and Enforcing Legal Terms
- Fulfilling legal obligations, investigating security incidents, and preventing illegal activities.
- Protecting the rights, property, or safety of you, Lexity AI, or another party.
- Enforcing our Terms of Use.
We will not collect additional categories of Individual Data or use the Individual Data we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Strict AI Guardrails & Zero Training Policy
Given the professional and legal nature of our corporate and individual clients, we enforce strict limitations on how your Individual Data and uploaded documents are handled by Artificial Intelligence:
- Processing Only:Your data is transmitted to our LLM providers strictly for the purpose of executing the specific task you requested (e.g., running a Clickflow™).
- Zero Training Guarantee: We explicitly prohibit our third-party LLM providers from using your Individual Data, uploaded files, or prompt inputs to store, train, fine-tune, or improve their foundation models. Lexity AI also does not use your data to train our own proprietary models.
- Strict Isolation: Your data remains isolated within your account and is purged from active processing memory immediately after the AI task is completed.
- Data Fire-walling & Separation: We maintain a strict organizational and technical separation between Marketing Data (information used to communicate with you about our launch and services) and Client / Case Data (documents and inputs processed within the Lexity platform). We never use your uploaded case files for marketing purposes, and our marketing analytics tools have no access to the contents of your data in the Lexity platform.
How We Share Your Individual Data
We disclose your Individual Data to the categories of service providers and other parties listed in this section.
- Service Providers: These parties help us provide the Services or perform business functions on our behalf. They include:
- Hosting and technology providers (Microsoft Azure).
- Payment processors (Stripe).
- Third-party LLM providers (strictly bound by zero-retention / zero-training agreements).
- Security and fraud prevention consultants.
- System monitoring and log visualization tools (Subprocessors).
- Parties You Authorize: Third parties you authorize, access, or integrate through the services, such as Google Workspace or Microsoft.
- Other Users: If you choose to authorize a user within your corporate B2B platform, some of your materials or activities may be viewable by them.
Legal Obligations & Business Transfers
We may share Individual Data to comply with legal obligations or court orders. Additionally, if we undergo a merger, acquisition, or bankruptcy, your data may be transferred to a third party that assumes control of our business.
Data that is Not Individual Data
We may create aggregated, de-identified, or anonymized data from the Individual Data we collect. We may use such data to analyze and improve the Services, provided it cannot identify you.
Tracking Tools and Opt-Out
The Services use cookies and similar technologies (collectively, “Cookies”) to recognize your browser, analyze trends, and operate our Services. Because of our use of Cookies, the Services do not support “Do Not Track” requests sent from a browser at this time.
We use:
- Essential Cookies: Required for logging into secure areas and navigating the platform.
- Functional Cookies: Record your choices and settings (e.g., language or region).
- Performance / Analytical Cookies: Allow us to understand how visitors use our Services and measure campaign performance.
You can decide whether or not to accept Cookies through your internet browser’s settings. If you disable Cookies, some of the Services and functionalities may not work.
Data Security, Retention, and Hosting Location
We seek to protect your Individual Data using highly appropriate physical, technical, organizational, and administrative security measures.
- EU & Swiss Hosting: To ensure the highest standards of professional secrecy, all Client Data is hosted and processed on highly secure Microsoft Azure servers located within the European Union and Switzerland.
- System Logs & Uptime Monitoring: In order to guarantee service uptime and availability, we collect and store system logs related to user actions in the platform. All subprocessors or tools used to process and visualize this data are described in the Lexity Trust Center.
- Trust Center: For full details on our security architecture, subprocessors, and compliance certifications, please visit trust.lexity.ai.
- Retention: We retain Individual Data, historical records, and execution logs for as long as you maintain an open account with us. You may request account deletion at any time, at which point your data will be securely purged, subject to our legal and financial retention obligations.
Individual Data of Children
We do not knowingly collect Individual Data from children under 18 years of age. If you are under 18 (or the age of legal majority), please do not attempt to register for the Services. If we learn we have collected data from a child, we will delete that information as quickly as possible.
State and International Privacy Rights
US State Law Rights (California, Virginia, etc.)
Residents of California, Virginia, and states with comparable privacy laws have the right to request:
- Access: Information about our collection and use of your Individual Data over the past 12 months.
- Deletion: Deletion of Individual Data we have collected (subject to certain exceptions, such as retaining data to provide the Service).
- Correction: Correction of inaccurate Individual Data.
Sales Opt-Out: We do not sell your Individual Data, nor do we disclose sensitive personal information (like precise geolocation or financial data) outside of authorized payment processing. We will not discriminate against you for exercising your privacy rights.
European Union & Swiss Data Subject Rights (GDPR & FADP)
If you reside in the EU, UK, Switzerland, or EEA, Lexity.ai AG acts as the controller of your Individual Data. We process data based on Contractual Necessity (to fulfill our Terms of Use), Legitimate Interest (improving services, security), and Consent.
You have the right to:
- Access & Portability: Request a copy of your Individual Data in a machine-readable format.
- Rectification & Erasure: Correct inaccurate data or request deletion of your data from our systems.
- Restriction & Objection: Ask us to restrict processing or object to uses such as direct marketing.
- Withdrawal of Consent: Withdraw your previously granted consent at any time.
To exercise any of these rights, or to lodge a complaint, please contact us at privacy@lexity.ai.
Changes to this Privacy Policy
We may need to change this Privacy Policy from time to time. We will alert you to any material changes by placing a notice on the Lexity AI websites or by sending you an email. If you use the Services after changes have been posted, that means you agree to the new Privacy Policy.
Contact Information
If you have any questions or comments about this Privacy Policy, please contact us at:
Websites:
Security & Trust: trust.lexity.ai
Email: privacy@lexity.ai
EU / Swiss Data Controller:
Lexity.ai AG
Pilatustrasse 50, 6052 NW
Switzerland
switzerlandgdpr@lexity.ai