Security

Built for confidential disputes.

Encryption, isolation, and audit logging at every layer. Your sensitive conversations stay sensitive.

Foundations

The basics, done right.

Encryption in transit

TLS 1.3 for all client connections. Internal service-to-service traffic encrypted with mutual TLS.

Encryption at rest

Database tables and document storage encrypted with AES-256. Keys rotated on a regular schedule.

Magic-link auth

No passwords to leak. Authentication via single-use email links and OAuth (Google, Apple).

Isolated disputes

Each dispute is data-isolated by foreign key constraints. No cross-contamination between users or matters.

Mediated settlement messaging

Original (raw) messages are encrypted with a separate key from the mediated versions sent to the other party. The other party never sees raw outbursts.

Audit trail

Every fact extraction, message, proposal, agent action, and data access is logged with timestamps. Available to you on request.

Principle of least privilege

AI agents only see the data they need for their task. They cannot reach into other disputes, other users, or system internals.

No human eyes by default

No employee at LexGo Resolve reads your dispute content. Even our engineers cannot access individual dispute data without an explicit support ticket from you.

Document handling

Uploaded files are scanned for malware, processed in isolated workers, and stored with per-dispute access controls.

Compliance

What we follow.

  • GDPR & CCPA — full data subject rights: access, correction, deletion, portability, and objection.
  • SOC 2 Type II — audit underway (target 2026 H2). Our security controls are documented and available under NDA in the meantime.
  • Attorney-Client Privilege awareness — once an attorney connection is established, we treat the dispute data as privileged and apply additional access controls accordingly.
  • No third-party tracking — we don't use Google Analytics, Facebook Pixel, or session replay services on the private platform.

Reporting

If you find something.

We take security seriously. If you discover a vulnerability or have a security concern, please email security@lexgoresolve.com. We respond within 24 hours and work with reporters in good faith.