As a Legal AI, Beck-Noxtua processes confidential legal information. Therefore, data security and compliance are our top priorities. This article explains the measures we take to protect your data.
Hosting and server location
Where is my data stored?
All user data is processed exclusively on high-security servers within the European Union. Noxtua has no connection to US cloud providers. We've built our own AI infrastructure with security-certified hosting providers IONOS and Open Telekom Cloud as strong European partners to remain resilient and sovereign.
What infrastructure does Noxtua use?
We use certified data centers with the highest security standards. Physical security includes access controls, monitoring systems, and redundant power supply.
Data protection and compliance
What data protection standards does Noxtua meet?
Noxtua is fully GDPR-compliant.
How are professional secrecy requirements met?
Through technical measures as well as organizational and contractual arrangements, we support the protection of professional secrecy requirements in accordance with Section 43e Federal Lawyers Act (Bundesrechtsanwaltsordnung) and Section 203 German Criminal Code (StGB). Processes are designed to technically prevent unauthorized data disclosure.
Encryption
How is my data encrypted?
Your data is encrypted during transmission between your browser and our servers (data in transit). Noxtua does not store data permanently; all temporary processing follows modern security and encryption standards.
What encryption methods are used?
For transmission, we use TLS 1.3 encryption; for storage, AES-256 encryption. All encryption keys are securely managed.
Access control
Who has access to my data?
All your prompts, chats, and uploaded documents remain exclusively with you. Access to system components is strictly regulated and follows the principle of minimal authorization.
How is access controlled?
Every system access is authenticated, authorized, and logged. Employees receive only the permissions required for their specific tasks. Regular reviews ensure that permissions remain current and appropriate.
Data usage
Is my data used to train the AI?
No, your inputs and documents are not used for training or improving AI models. Your data is used exclusively to process your specific requests.
Is my data shared with third parties?
Your data is processed exclusively for the contractually agreed purposes in connection with the provision and use of Noxtua services.
Quality assurance
How is the quality of AI results ensured?
Legal experts at Noxtua work continuously on quality assurance. They review model responses, provide targeted feedback for retraining, and define professional guardrails. This ensures results achieve high legal relevance and reliability.
What data does the AI access?
Noxtua is the only AI solution that primarily uses content from beck-online – Germany's leading legal database. Results are therefore based on relevant, verified, and current legal content rather than unverified internet sources.
Security measures
What technical security measures are implemented?
In addition to end-to-end encryption, we rely on:
Firewalls and intrusion detection systems
Regular security updates and patches
Monitoring and alerting systems
Backup and disaster recovery processes
How often are security reviews conducted?
We conduct regular security audits and risk assessments. Technical and organizational measures are continuously adapted to current standards.
Logging and monitoring
Which events are logged?
System access and activities are comprehensively logged to ensure traceability and detect potential security incidents. We strictly maintain your privacy in this process.
How long are logs stored?
Security logs are retained according to legal requirements and our data protection policy, then securely deleted.
Certifications and standards
What certifications does Noxtua hold?
We regularly have our security architecture confirmed through the most relevant certifications, such as BSI C5, ISO 27001, ISO 9001, ISO 42001, and many more. For full transparency, you can find all certifications on our Trust Center.
We're happy to provide concrete evidence of processes, audit results, and existing certifications upon request. We follow established security standards and undergo regular external audits.
Who can I contact with questions?
For specific questions about data security, compliance, or certifications, please contact our support team at support@noxtua.com.
Dennis Engelhard