How LexOps collects, uses and protects data. This is the current published version. Material changes will be announced by email.
Firm and user account details (name, email), authentication data, usage analytics, and the legal-practice data you enter into the platform (matters, documents, billing, etc.).
To provide the LexOps service, maintain security, bill customers, support users, and improve the product. We do not sell personal data.
Data is stored on infrastructure located in the EU (Belgium). Daily backups are retained for 30 days.
Only you and users authorized by your firm. LexOps personnel access data only for support and security purposes, under strict access controls.
Under GDPR you may access, correct, export or delete your data. Requests: [email protected].
We use a minimum set of sub-processors (hosting, email delivery, billing). A current list is available on request.
We use strictly necessary cookies for authentication and a small number of first-party analytics cookies. No third-party ad tracking.
The data controller is LexOps Management Systems (Ordinis Online — Belgium). For data-protection enquiries: [email protected]. You may also lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit): dataprotectionauthority.be.
Account data is retained for the lifetime of the firm subscription plus 90 days. Backups are deleted within 30 days of expiry. On request we will export and erase a firm's data within 30 days, except where retention is required by Belgian law (e.g. accounting records under Art. III.86 of the Code of Economic Law — 7 years).
All production data is stored in the European Union. Where sub-processors operate outside the EU, transfers are governed by Standard Contractual Clauses approved by the European Commission.
Last updated: April 2026. Contact [email protected].