Security and compliance

From GDPR compliance to ISO 27001-certified data centres, LEAP ensures your sensitive information is protected with encryption, built-in safeguards, and full data ownership control.

Data Security - Compliance, laptop and security based icons

Security and compliance

LEAP complies with GDPR, processing personal data lawfully and transparently for specified purposes. Customer data is stored in ISO 27001 certified AWS data centres in Dublin, with encryption in transit and at rest using TLS and AES-256. LEAP is also SOC2 Type 2 and Cyber Essentials accredited, maintaining high data security standards.

LawY question - Legal AI

In-built security within our AI

LawY, operates a secure, closed-loop system where user data must necessarily be transmitted to the LLM for processing but is never used for model training. Matter AI and AI Prompt only work on a matter level, so any security applied to matters ensures that data held in restricted matters is not compromised. Generator works across all matters, but excludes any data held on restricted matters to maintain strict security.

Pricing - Multiple devices

Data ownership and control

All data entered into LEAP remains the subscriber's property, with LEAP acting as a data processor. Customers retain control and may request deletion at any time. LEAP keeps data for seven years after service termination for possible reactivation.

As outlined in the T&Cs, data may be shared with ATI Group entities for legal searches and AI tools. Data may also be transferred across jurisdictions and is protected under the Data Privacy Framework.

AI Tools

LEAP uses AI tools, such as OpenAI, that offer enhanced data privacy and security, ensuring data stays within the system and is not shared externally. They comply with regulations like GDPR and provide customisation, seamless integration, and dedicated support while handling large volumes of data and scaling with business needs.

In contrast, free AI tools such as ChatGPT are less secure, may use data for training purposes, and offer limited to no customisation and integration options. They lack professional support and regulatory compliance, making them more suitable for personal or small-scale use with far fewer features, automations and capabilities.

Laptop training

Data handling

LEAP uses AI tools to securely process data, keeping it ring-fenced within LEAP or ATI Groups. Customer personal data is never used to train AI, preventing cross-client exposure.

Before training, data is stripped so insights may help others without sharing specifics. LawY sources answers externally but only uses basic LEAP data kept in the system. Users are advised not to input personal data, as stated in the app and in the T&C's

Discover why leading law firms trust LEAP with their data

Secure cloud infrastructure purpose-built for legal software.

  • built on AWS cloud infrastructure with layered security controls

  • data encrypted at rest and in transit using industry-standard protocols

  • role-based access controls with multi-factor authentication as standard

  • continuous monitoring, auditing and incident response processes

  • designed to support regulatory, compliance and data protection obligations

Find out why LEAP sets the standard for legal data security by completing the form.

Loading form content...