Privacy Policy

LexiDots customer data is stored on Microsoft Azure (East US region) using enterprise-grade infrastructure with redundant availability zones. Backups are encrypted, geo-replicated, and tested on a rolling schedule.

Where regional residency is required (EU customers, specific corporate contracts), we provide additional deployment regions on request as part of enterprise plans.

We do not sell, rent, or share customer data with external parties. Limited data is processed by carefully vetted sub-processors required to deliver core product functionality:

• Adobe APIs — used to render, manipulate, and OCR documents inside secure short-lived sessions.
• Transactional email providers — used to deliver registration, password reset, and trial credential emails.

Sub-processors operate under data processing agreements that mirror our commitments to you.

LexiDots is engineered for the same threat model used by financial institutions:

• Encryption at rest (AES-256) and in transit (TLS 1.2+)
• OAuth / OIDC authentication with SSO options for enterprise plans
• Granular role-based access control across every record
• Comprehensive audit logs and tamper-evident activity trails
• Periodic third-party security assessments and penetration tests

You retain ownership of your data at all times. You can export, restrict, or delete your information on request. We’ll respond to verified requests within 30 days, and free white-glove exports are available at any time during your contract or at offboarding.

Questions about this policy or data handling? Reach our team at support@lexidots.com. Enterprise security questionnaires are returned within 5 business days.