Security & data protection

Relex is built so that your clients' real identities are never exposed to the AI — or to Relex. Their identifying details (names, national IDs, contact details) are encrypted in your browser under a password only you hold; Relex's servers store only an opaque encrypted blob and can never decrypt it. Your documents and drafts are de-identified so the AI works only on labels like [Party 1]. This is a zero-knowledge design for identities, not a policy promise.

What is encrypted — and what is not

Your private-information vault is encrypted so that even Relex cannot read it. Names, national IDs, and contact details are encrypted on your device with a PII password only you control (a sealed-box design). Relex stores the encrypted blob plus non-identifying metadata — never the plaintext — and cannot decrypt it. Decryption happens only in your browser, and the password is never cached server-side.

Everything else you work on is readable by Relex, so the Service can run. Your documents, drafts, matter notes, and tasks are de-identified (real names replaced with labels like [Party 1]) but are not encrypted under your PII password — they are stored in readable form on our infrastructure, protected by access controls and encryption at rest under keys Relex manages. This is what lets Relex search, draft, and review on your behalf. The distinction is deliberate: only your clients' identities are sealed away from us; the de-identified working content is not.

What happens if you lose your password?

Because only you can decrypt your private-information vault, keeping your PII password — and the one-time recovery key shown when you set it up — safe is your responsibility. If you forget the password but still have your recovery key, you can restore access and set a new one; your data is preserved. If you lose both, no one — including Relex — can recover the vault. We hold no copy of your password or key. The only remaining option is a reset that permanently erases the encrypted vault so you can start again. For an organization, access is lost only if every member's access and the organization passphrase are all lost.

What does the AI actually see?

Labels and anonymized counts — never real identities. The case agent and any connected agent such as Claude operate on placeholders like [Party 1]. Any API call that would move plaintext PII (reading or writing parties, uploading or reading document content) is refused at the server, which returns a deep link so you complete that step securely in Relex. Parties can still be checked for existence through a blind index without decrypting anything.

Is my firm's know-how shared or used for training?

No. Your know-how is indexed into a private, per-tenant retrieval corpus that is searched during a matter but never copied to a model and never shared with third parties. Documents are redacted before indexing. A partner invited into a case can contribute know-how scoped to that case only, and never receives decryption access to your data.

Compliance and data residency

  • GDPR-compliant data processing.
  • EU data processing for stored data.
  • Zero-knowledge identities — client names, IDs, and contacts are encrypted in the browser under your password; the server holds only ciphertext and cannot decrypt it. De-identified documents and drafts are readable by Relex to run the Service.
  • Least exposure by design — the AI receives only de-identified labels and fragments, never the full identified picture.
  • Human oversight — flagged clauses block signature until a professional resolves them.

Questions about security?

Contact [email protected] — or see how Claude connects without ever seeing client identities.