Noxtua

Europe's sovereign legal AI with its own European-trained legal LLM

Lexis+ AI

Hallucination-free AI legal research with authoritative LexisNexis sources

Noxtua

Excellent

25/25

Lexis+ AI

Strong

21/25

Score Breakdown

DimensionNoxtuaLexis+ AI

Data Residency

Where is your data stored and processed?

Noxtua: Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.

Lexis+ AI: Data hosted across US, EU, and UK data centres. Strong data residency options for law firms in major common law and civil law jurisdictions. UK GDPR compliance post-Brexit.

5/5

Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.

4/5

Data hosted across US, EU, and UK data centres. Strong data residency options for law firms in major common law and civil law jurisdictions. UK GDPR compliance post-Brexit.

Legal Jurisdiction

Which laws govern the company and your data?

Noxtua: Incorporated in Germany as Noxtua SE (formerly Xayn AG), an EU/EEA entity with no US parent. Designed to meet German professional-secrecy law (§ 43e BRAO, § 203 StGB).

Lexis+ AI: Parent company RELX PLC is UK/EU incorporated and regulated. LexisNexis US entity is incorporated in Delaware but operates under RELX's broader European governance framework, providing strong data protection oversight.

5/5

Incorporated in Germany as Noxtua SE (formerly Xayn AG), an EU/EEA entity with no US parent. Designed to meet German professional-secrecy law (§ 43e BRAO, § 203 StGB).

4/5

Parent company RELX PLC is UK/EU incorporated and regulated. LexisNexis US entity is incorporated in Delaware but operates under RELX's broader European governance framework, providing strong data protection oversight.

Data Retention & Training

Is your data used for model training?

Noxtua: Explicitly states customer data is never used to train, retrain or improve AI models, with sovereign/on-premise deployment and enterprise DPA-level controls. Specific configurable retention windows are not publicly detailed but the no-training and isolation posture is strong.

Lexis+ AI: Clear data retention policies aligned with legal professional requirements. Research queries and documents are not retained for AI training. Supports data processing agreements for enterprise law firms.

5/5

Explicitly states customer data is never used to train, retrain or improve AI models, with sovereign/on-premise deployment and enterprise DPA-level controls. Specific configurable retention windows are not publicly detailed but the no-training and isolation posture is strong.

4/5

Clear data retention policies aligned with legal professional requirements. Research queries and documents are not retained for AI training. Supports data processing agreements for enterprise law firms.

Certifications

ISO 27001, SOC 2, Cyber Essentials, etc.

Noxtua: Extensive published certification stack: ISO 42001 (first German company), ISO 27001, 27017, 27018, 9001, plus BSI C5 and TISAX. No SOC 2 (US-oriented), but European sector and AI-specific certifications exceed the baseline.

Lexis+ AI: Holds SOC 2 Type II, ISO 27001, and ISO 27701 certifications. Strong certification portfolio appropriate for a platform handling confidential legal information.

5/5

Extensive published certification stack: ISO 42001 (first German company), ISO 27001, 27017, 27018, 9001, plus BSI C5 and TISAX. No SOC 2 (US-oriented), but European sector and AI-specific certifications exceed the baseline.

4/5

Holds SOC 2 Type II, ISO 27001, and ISO 27701 certifications. Strong certification portfolio appropriate for a platform handling confidential legal information.

Regulatory Fit

Suitability for regulated industries and professional services

Noxtua: Purpose-built for regulated EU legal work, explicitly meeting attorney confidentiality and professional-secrecy requirements, with backing from major law firms and legal publishers. Suitable for the most demanding EU regulated legal and public-sector use.

Lexis+ AI: Excellent regulatory fit for law firms and legal departments. Compliance with bar association professional responsibility rules, GDPR, UK GDPR, and CCPA. Trusted by government agencies and Am Law 100 firms.

5/5

Purpose-built for regulated EU legal work, explicitly meeting attorney confidentiality and professional-secrecy requirements, with backing from major law firms and legal publishers. Suitable for the most demanding EU regulated legal and public-sector use.

5/5

Excellent regulatory fit for law firms and legal departments. Compliance with bar association professional responsibility rules, GDPR, UK GDPR, and CCPA. Trusted by government agencies and Am Law 100 firms.

Total Score

25/25

21/25

Best For

Noxtua

Best for EU-headquartered organisations needing maximum data sovereignty; organisations requiring broad certification coverage (SOC 2 Type II, ISO 27001, ISO 27701); regulated industries (FCA, SRA); privacy-conscious teams who need strong data retention controls.

Lexis+ AI

Best for EU-headquartered organisations needing maximum data sovereignty; organisations requiring broad certification coverage (ISO 42001, ISO 27001, ISO 27017); regulated industries (BfDI, BaFin); privacy-conscious teams who need strong data retention controls; organisations that need self-hosted or on-premise deployment.

Detailed Comparison

Lexis+ AI vs Noxtua: Trust & Compliance Comparison

Lexis+ AI (LexisNexis, GB) scores 21/25 overall with a Silver (Strong) trust badge. Hallucination-free AI legal research with authoritative LexisNexis sources. Noxtua (Noxtua, DE) scores 25/25 with a Gold (Excellent) trust badge. Europe's sovereign legal AI with its own European-trained legal LLM.

Dimension-by-Dimension Breakdown

#### Data Residency

Noxtua leads with 5/5 vs 4/5.

●Lexis+ AI (4/5): Data hosted across US, EU, and UK data centres. Strong data residency options for law firms in major common law and civil law jurisdictions. UK GDPR compliance post-Brexit.

●Noxtua (5/5): Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.

#### Legal Jurisdiction

Noxtua leads with 5/5 vs 4/5.

●Lexis+ AI (4/5): Parent company RELX PLC is UK/EU incorporated and regulated. LexisNexis US entity is incorporated in Delaware but operates under RELX's broader European governance framework, providing strong data protection oversight.

●Noxtua (5/5): Incorporated in Germany as Noxtua SE (formerly Xayn AG), an EU/EEA entity with no US parent. Designed to meet German professional-secrecy law (§ 43e BRAO, § 203 StGB).

#### Data Retention & Training

Noxtua leads with 5/5 vs 4/5.

●Lexis+ AI (4/5): Clear data retention policies aligned with legal professional requirements. Research queries and documents are not retained for AI training. Supports data processing agreements for enterprise law firms.

●Noxtua (5/5): Explicitly states customer data is never used to train, retrain or improve AI models, with sovereign/on-premise deployment and enterprise DPA-level controls. Specific configurable retention windows are not publicly detailed but the no-training and isolation posture is strong.

#### Certifications

Noxtua leads with 5/5 vs 4/5.

●Lexis+ AI (4/5): Holds SOC 2 Type II, ISO 27001, and ISO 27701 certifications. Strong certification portfolio appropriate for a platform handling confidential legal information.

●Noxtua (5/5): Extensive published certification stack: ISO 42001 (first German company), ISO 27001, 27017, 27018, 9001, plus BSI C5 and TISAX. No SOC 2 (US-oriented), but European sector and AI-specific certifications exceed the baseline.

#### Regulatory Fit

Both score equally at 5/5.

●Lexis+ AI (5/5): Excellent regulatory fit for law firms and legal departments. Compliance with bar association professional responsibility rules, GDPR, UK GDPR, and CCPA. Trusted by government agencies and Am Law 100 firms.

●Noxtua (5/5): Purpose-built for regulated EU legal work, explicitly meeting attorney confidentiality and professional-secrecy requirements, with backing from major law firms and legal publishers. Suitable for the most demanding EU regulated legal and public-sector use.

Certifications at a Glance

Certification	Lexis+ AI	Noxtua
BSI C5	No	Yes
ISO 27001	Yes	Yes
ISO 27017	No	Yes
ISO 27018	No	Yes
ISO 27701	Yes	No
ISO 42001	No	Yes
ISO 9001	No	Yes
SOC 2 Type II	Yes	No
TISAX	No	Yes

Overall Verdict

Noxtua has a clear trust advantage, scoring 25/25 compared to Lexis+ AI's 21/25. Noxtua particularly excels in data residency, legal jurisdiction, data retention & training, certifications.

Frequently Asked Questions

Which is better for EU compliance, Noxtua or Lexis+ AI?

Noxtua has a TrustKit score of 25/25 while Lexis+ AI scores 21/25. Noxtua currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do Noxtua and Lexis+ AI compare on data residency?

Noxtua scores 5/5 for data residency (Processing occurs exclusively on European infrastructure (Open Telekom Cloud by Deutsche Telekom and IONOS) with no connection to US cloud providers, plus an on-premise deployment option. Best-in-class EU data residency.), while Lexis+ AI scores 4/5 (Data hosted across US, EU, and UK data centres. Strong data residency options for law firms in major common law and civil law jurisdictions. UK GDPR compliance post-Brexit.).

Are Noxtua and Lexis+ AI GDPR compliant?

Both tools are assessed across five compliance dimensions. Noxtua has a regulatory fit score of 5/5 and Lexis+ AI scores 5/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool