
Data & Compliance

Effective June 19, 2026

This page explains, for buyers and their security and compliance teams, how Lane Compliance Systems (“LCS”) handles data and how it fits into regulated workflows. It is written to be accurate about what the product does and does not do. It is not legal advice, and it does not claim any certification LCS has not obtained.

The defining fact. The documents you review are processed entirely in your browser and are never transmitted to or stored on LCS servers. The only data LCS holds is what your organization configures, an encrypted AI key if you enable AI authoring, and — only if you enable it — review metadata (never document text). This is the foundation of every statement below.

1. Data architecture: client-side by design

The review engine runs in your browser. Files you upload and text you paste are parsed, checked, annotated, and scored locally and are not sent to LCS. Because of this, for the content you review, your organization is the data controller and LCS is not a processor of that content. The deterministic checks that produce findings and scores require no network call and no AI. You can confirm this yourself with the accuracy validator — it runs entirely in your browser and makes no network requests.

2. Data types and flows

Data | Where it is processed | Stored by LCS?
Documents you review | Your browser only | No
Organization configuration & access-key map | LCS backend | Yes, to operate the service
AI provider key (optional) | LCS backend, encrypted | Yes, AES-256-GCM; not returned for authoring — delivered to a signed-in reviewer's browser only if you enable the shared-key judgment pass
AI authoring guide text (optional) | Your chosen AI provider | No (passes through; provider terms apply)
AI judgment-pass / suggested-edit document text (optional) | Your organization's shared key (delivered to the reviewer's browser), each reviewer's own browser key, or a self-hosted endpoint you control | No (goes to your provider/endpoint, not LCS)
System-of-record review metadata (optional) | LCS backend, tenant-scoped | Yes; metadata only, never document text
Operational metadata (IP, timestamp) | Hosting provider | Transiently, for delivery and security

See the Privacy Policy for the full description and the AI Disclosure for the optional AI features.

3. Residency and subprocessors

LCS uses Netlify for hosting, delivery, functions, and encrypted configuration/key storage, and Anthropic only when an organization enables AI-assisted authoring and only for the guide text described above. These providers process data in the United States. If you enable the AI judgment pass or AI suggested edits, the de-identified document text goes either directly from the reviewer's browser to your chosen AI provider using your organization's own key, or to a self-hosted endpoint you control — never through LCS; its location and terms are yours. LCS also uses Voyage AI as an embeddings provider: server-side to index your organization’s own policy text (a configuration artifact, never case documents) into a searchable library, and — only if you enable the optional semantic grounding of the judgment pass — to embed a de-identified query sent directly from the reviewer’s browser to Voyage (never through LCS) so your most relevant policy passages can be surfaced.

4. Retention and deletion

Organization configuration and access-key records are retained until your owner deletes them or closes the account. Encrypted AI keys are retained until removed. System-of-record metadata is retained until your owner deletes it. Rate-limiting counters expire within minutes. Because documents are never received by LCS, there is nothing about them to retain or delete on our side. To request deletion of data LCS holds, contact support@lcs-global.com.

5. System of record and integrity

If your organization enables the optional system of record, each review outcome is appended to a tenant-scoped, tamper-evident, hash-chained trail so you can produce an examiner-ready coverage report. Document text, evidence excerpts, and calendar dates extracted from files are excluded before anything leaves the device, and the server additionally drops any such fields it receives. Exported trails can be checked with our offline verifier without sending anything anywhere.

6. Security posture

Data in transit is protected with TLS and HSTS; the application enforces a strict Content-Security-Policy and related hardening headers; stored provider keys are encrypted with AES-256-GCM; administrative interfaces are credential-gated and rate-limited; and sessions support automatic log-off. Full detail and our responsible-disclosure process are on the Security page.

7. Regulatory posture — stated honestly

LCS is a configurable, first-line, decision-support tool. It flags potential issues for a qualified person and never makes the final decision. We describe its fit with common regimes plainly, and we do not overstate it.

a. HIPAA

Because protected health information in the documents you review is processed on your device and is not transmitted to or stored by LCS, LCS does not receive PHI in the default configuration and is not, by default, acting as a Business Associate. We do not currently offer a signed Business Associate Agreement. Healthcare organizations remain responsible for their own HIPAA obligations and should evaluate their configuration; contact us to discuss your requirements.

b. CJIS

Criminal-justice information in reviewed documents likewise stays on the device and is not sent to LCS. LCS does not claim CJIS compliance certification. Agencies remain responsible for their CJIS obligations and the environments in which they run the application.

c. SOC 2 / ISO 27001

LCS does not currently hold, and does not claim, a SOC 2 report or ISO 27001 certification. We describe the actual technical controls we operate on the Security page rather than implying an audit we have not completed.

d. GDPR / CCPA / CPRA

For the content you review, your organization is the controller and LCS is not a processor of it. For the limited configuration and metadata LCS holds, LCS acts as a service provider/processor. LCS does not sell or “share” personal information and does not use customer data to train AI. See the Privacy Policy for data-subject rights.

8. Customer responsibilities

You remain solely responsible for your own legal and regulatory obligations, for configuring the Service appropriately, and for validating any output before relying on it. The Service supplements, but does not replace, professional judgment, supervisory review, and independent verification.

9. Incident response

If LCS becomes aware of a security incident affecting data it holds about your organization, LCS will notify the affected organization without undue delay and consistent with applicable law, with the information available at the time and updates as the situation is understood.

10. Contact

Data, security, and compliance questions: support@lcs-global.com · security reports: see Security.

Lane Compliance Systems, a DBA of Lane Global Holdings LLC
This document is provided for transparency and does not itself constitute legal advice.