Zero Data Retention for lawyers — what it actually means
When a lawyer sends privileged contract text to an AI service, two questions land on the table: is the text stored anywhere, and could it be used to train future models? Both questions need clear answers — otherwise the service can't be used for client work.
Zero Data Retention (ZDR) is the term for the commitment that addresses both questions. But ZDR means different things at different vendors, and it isn't always obvious which level actually applies. This article explains exactly what ZDR means at LexCodex — at two layers — and what it does not cover.
Two layers of retention questions
When you upload a document to LexCodex it passes through two systems. Both must have clear retention rules.
Anthropic Claude (the LLM provider)
LexCodex uses Anthropic Claude as its AI engine. When text is sent to Claude, it is Anthropic's infrastructure that processes it. Anthropic offers an enterprise term called Zero Data Retention: inputs and outputs are not stored after the response is returned. No logs, no cache, no use for model training.
This is publicly documented in Anthropic's commercial terms and their data processing addendum. For business partners (like LexCodex), ZDR is enabled via enterprise contract — not automatically on the consumer API.
The LexCodex application (our infrastructure)
Once the text has produced a response from Anthropic, it lands at LexCodex. Here our own retention policy applies: uploaded documents and AI responses are not stored after the analysis is complete. When you close the tab or click "New analysis", the data is gone. We have no logs containing document contents, no backups of analyses, no archives.
The only thing stored is session metadata (who was logged in, which tool was used, how long the request was) — for rate limiting and debugging. No content, no citations, no conclusions.
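One way to enforce a metadata-only log like the one described above, as an added example (not LexCodex's own code). The field names, the 64-character limit, the `ContentLeakError` type and the `analyse` stand-in for the LLM call are all assumptions made for illustration.

```python
import json
import time

# Assumed allow-list, modelled on the metadata the article names:
# who was logged in, which tool was used, how long the request took.
ALLOWED_FIELDS = {"user_id": str, "tool": str, "duration_ms": int}
MAX_STR_LEN = 64  # identifiers only; long strings could smuggle document text


class ContentLeakError(ValueError):
    """Raised when a caller tries to log something outside the allow-list."""


def build_session_record(**fields):
    """Return a log record holding only allow-listed, type-checked metadata."""
    unknown = set(fields) - set(ALLOWED_FIELDS)
    if unknown:
        # Fail closed: an unexpected key such as "document" or "answer" is a bug.
        raise ContentLeakError(f"fields not allowed in logs: {sorted(unknown)}")
    record = {"ts": int(time.time())}
    for name, value in fields.items():
        expected = ALLOWED_FIELDS[name]
        if type(value) is not expected:
            raise ContentLeakError(f"{name} must be {expected.__name__}")
        if expected is str and len(value) > MAX_STR_LEN:
            raise ContentLeakError(f"{name} exceeds {MAX_STR_LEN} characters")
        record[name] = value
    return record


def analyse(document_text, user_id, tool, sink,
            llm=lambda text: "summary of " + text[:10]):
    """Process a document in memory and write metadata only to the log sink."""
    started = time.monotonic()
    answer = llm(document_text)  # hypothetical LLM call; nothing is persisted here
    record = build_session_record(
        user_id=user_id,
        tool=tool,
        duration_ms=int((time.monotonic() - started) * 1000),
    )
    sink.write(json.dumps(record) + "\n")
    return answer  # returned to the caller, never written to the sink
```

Routing every log write through one allow-listing function makes the no-content property testable: a unit test can feed in a marker string as the document and assert that it never appears in the sink.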
What this means in practice
For a lawyer or in-house counsel, the practical consequences are:
- Privileged documents can be analysed — they don't exist anywhere after the tab closes. This applies both at Anthropic (ZDR contract) and at LexCodex (no-store policy).
- Client agreements with confidentiality clauses are workable — no third party stores the material. You have documented traceability via the DPA.
- GDPR Art. 5(1)(c) — "data minimisation" — is met by design, not by procedural handling. There's nothing to minimise if it was never stored.
- GDPR Art. 17 — "right to be forgotten" — is trivial. There's nothing to delete.
The common misconception
The difference:
- "We don't train on your data": Your documents won't end up in the next model version. But they may still be stored for hours/days/weeks on the vendor's servers.
- Zero Data Retention: Your documents disappear from the vendor's infrastructure as soon as the response is returned. No intermediate storage.
For client material where confidentiality is central, it has to be the latter. ZDR is not a marketing argument — it's a baseline requirement.
What ZDR does NOT protect against
For balance, what ZDR doesn't cover:
- Traffic in transit. Between your browser and LexCodex traffic crosses the public internet. We use TLS 1.2+ with HSTS preload, but it's still "traffic on the wire" — not absolute protection if someone has root access to routers along the path.
- Your own local copies. You may have copied the contract text from an email, have it in a Word cache, or exported the analysis to PDF. ZDR applies to LexCodex and Anthropic's infrastructure — not your own.
- Client-side source security. If the document already lives in the client's SharePoint without encryption, ZDR in the AI chain isn't the weakest link.
- Insider threats on the LexCodex side. We have strict access controls, but theoretically a malicious LexCodex employee could read data in flight before the ZDR steps take over. That's why we have explicit security controls documented and build to ISO/IEC 27001:2022.
ZDR is "belt-and-suspenders" on data storage. It isn't absolute security — but it eliminates a whole category of risk that would otherwise need to be handled through procedural controls (DPA addenda on deletion, periodic audit logs, retention monitoring).
How to verify ZDR in practice
Questions you as a lawyer can ask any AI vendor:
- Do you have ZDR terms from your underlying LLM provider? Is it active on our account?
- How long are requests/responses stored at your end before deletion?
- Do you have backups/archives of user data? For how long?
- Are there logs containing content? Which logs are kept and for how long?
- Can you sign a DPA under GDPR Art. 28?
For LexCodex the answers are public in our DPA and Security Whitepaper. You don't need to ask — you can read the terms yourself before creating an account.
Summary
Zero Data Retention isn't a marketing label — it's an architectural property that must hold at two layers (LLM provider + application provider) to be meaningful. For lawyers analysing client material in an AI service, ZDR is the precondition, not the optional add-on.
LexCodex has ZDR at both layers. Anthropic via enterprise contract, LexCodex via our own no-store design. That is why we can say "upload client agreements" without burying everything under disclaimer asterisks.
General information about Zero Data Retention and GDPR — not legal advice. For specific compliance questions in your own tool selection, consult a qualified lawyer or DPO.