Privacy Policy
This Privacy Policy explains how Lexandro processes personal data when you visit our website and use our services. It also describes your rights and how to exercise them.
Last updated: February 1, 2026
1. Scope
This Privacy Policy applies to Lexandro websites, marketing pages, and professional services provided through our platform (collectively, the “Services”).
If you do not agree with this Policy, please do not use the Services.
2. Roles (controller vs. processor)
Lexandro may process personal data in different roles:
- Controller: for personal data related to our website, marketing, sales inquiries, account administration, and security operations.
- Processor: for customer content and end-user content submitted to the platform by an organization (“Subscriber”). In such cases, the Subscriber is the controller and determines the purposes and means of processing.
If you have questions about data contained in customer content (e.g., documents uploaded by your employer), please contact your organization first.
3. Data we collect
We collect personal data in three main ways:
3.1 Data you provide
- Contact details (name, email, phone) when you reach out.
- Account details (name, email, role) if you have an account.
- Support requests, feedback, and communications.
3.2 Data collected automatically
- Log data (IP address, timestamps, pages viewed).
- Device and browser information.
- Usage data (feature usage and interaction patterns).
3.3 Data from third parties
- Identity providers (if your organization uses SSO).
- Analytics or advertising partners (where applicable).
4. How we use data
We use personal data to:
- Provide, operate, and maintain the Services.
- Respond to requests and provide support.
- Improve performance, reliability, and user experience.
- Run security monitoring and prevent misuse or fraud.
- Communicate about updates, onboarding, and service changes.
- Comply with legal obligations.
5. Legal bases (GDPR)
Where the GDPR applies, we process personal data based on one or more of the following legal bases:
- Contract — to provide Services you request.
- Legitimate interests — e.g., securing and improving the Services.
- Consent — e.g., optional cookies or marketing (where required).
- Legal obligation — compliance and recordkeeping.
7. International transfers
Your personal data may be processed in regions where we or our providers operate. Where required, we rely on appropriate safeguards (such as standard contractual clauses) and implement technical and organizational measures to protect data.
8. Retention
We retain personal data only as long as necessary to fulfill the purposes described in this Policy, unless a longer period is required by law or contractual obligations.
If we act as a processor, retention for customer content is governed by the applicable customer agreement.
9. Security
We use appropriate technical and organizational measures to protect personal data. These measures may include encryption, access controls, monitoring, and incident response procedures.
No system is perfectly secure. If you believe your account has been compromised, contact us immediately.
10. Your rights
Depending on your location and applicable law, you may have rights including:
- Access to personal data and information about processing.
- Rectification (correction) of inaccurate data.
- Deletion (in certain cases).
- Restriction or objection to processing (in certain cases).
- Data portability (where applicable).
- Withdrawal of consent (where processing is based on consent).
- Lodging a complaint with a supervisory authority (e.g., in the EEA/UK).
To exercise your rights, contact us at privacy@lexandro.ai.
12. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will take reasonable steps to notify you (for example, by posting an updated Policy on this page).
13. Contact
Questions or requests regarding this Policy:
Lexandro Privacy
Email: privacy@lexandro.ai
If you’re looking for platform capabilities, see Features or Pricing.