Skip to main content

Innovative technology for your law firm

Harness the power of cutting-edge technology to drive your legal firm forward. Explore innovative solutions that show unseen accuracy, increase efficiency, improve workflows, and elevate your competitive edge.

Leonardo Legal AI Software automates case intake, contract analysis and judgment evaluation for law firms

Automate the Process – Own the Judgment Turn Legal Data into Decisive Action

Leonardo Legal AI empowers your firm to effortlessly manage every client interaction and informational touchpoint: from new case intake, contract analysis, and court decision interpretation, to organizing insights gathered in client meetings, hearings, or board sessions.

Our advanced AI tools automate information capture, expertly structure complex legal data, and instantly generate precise, legally compliant reports and templates—always accurate, always up-to-date, and completely hallucination-free.

With Leonardo handling the groundwork, your attorneys can drastically reduce administrative burdens, allowing them to dedicate their valuable time to what matters most: delivering exceptional legal judgment.

Boost your efficiency, elevate your practice, and unleash your firm’s full potential with Leonardo Legal AI.

Innovative technology for your law firm

Our Tools

AI-supported contract analysis with trust scores and precise detection of legal risks

Leonardo Contract

Contract analysis with unmatched precision.

Identify risks, problematic clauses, and improvement opportunities with accuracy that outperforms any manual review. No hallucinations, no guessing—every insight is backed by the actual contract text and comes with a clear confidence level.

Leonardo Legal AI visualizes judgment analyses with trust scores and transparent argument recognition

Leonardo Sentence

Court ruling interpretation with maximum reliability.
Our AI analyzes legal decisions with surgical precision—free from errors or fabrications—highlighting key arguments and providing full transparency on the confidence of each data point.
Leonardo Legal AI structures complex legal cases into facts, legal principles and conclusions with the highest precision

Leonardo Legal Case

Strategic case analysis based on the FIRAC method.
Turn legal complexity into actionable clarity. Our solution breaks down each case into Facts, Issues, Rules, Application, and Conclusion with extraordinary precision and verified reliability, point by point.
AI-powered audio transcription recognizes speakers and creates complete, comprehensible legal analyses

Leonardo Transcriptor

Smart legal transcription with automated analysis.
Transform recordings into actionable insights: detect up to 10 speakers, assign procedural roles (judge, witness, attorney), and receive full contextual analysis with complete traceability— hallucination-free.

LEONARDO CONTRACT
accurate analysis, zero hallucinations, 100% contractual truth.

  • Speed and Efficiency: Save up to 90% of review time and receive professional-grade analysis in minutes.

  • Unmatched Accuracy: Detect 3x more risks than manual review. Our system flags ambiguities, imbalances, and verifies regulatory compliance with unparalleled precision.

  • Absolute Trust: Our analysis is 100% based on the actual contract text—no “hallucinations” or creative interpretations. Every finding is a verifiable, referenced fact.

  • Total Security: Your information is protected with top-grade security and certified GDPR compliance.

Leonardo Legal AI precisely analyzes contracts, identifies risks, and checks legal requirements with the highest accuracy

LEONARDO SENTENCE

The intelligence that transforms judgments into strategy

Identify Winning Arguments:
Extract the most relevant information for your specific case.

  • Never Miss a Deadline Again: Automatically detects appeal deadlines and triggers countdown alerts so you stay in complete control.

  • Judicial-Grade Precision, Zero Hallucinations: Unlike other AI tools, our analysis is 100% based on the actual text. It provides exact references—never inventing deadlines or non-existent arguments.

  • Instant Strategy: Uncovers anomalies, checks document consistency, and analyzes key arguments so you can build a winning case in seconds—not days.

  • Generate Professional Reports: Receive strategic insights in seconds—ready to use in PDF, Docx, and Markdown formats.

AI-based judgment analysis automatically detects deadlines, arguments and discrepancies and creates strategic reports

LEONARDO LEGAL CASE
structure the case -master the argument

  • Automatic *FIRAC Analysis. Just describe your case in natural language, and our system breaks it down into a flawless, professional report. Perfect for any jurisdiction—civil, criminal, administrative, or labor.

    (*FIRAC: Facts, Issues, Rules, Application, Conclusion)

  • It transforms complex case files into clear, actionable structures: identifying key facts, formulating legal issues, applying relevant rules, analyzing arguments, and delivering sharply accurate conclusions.

  • Supports multiple jurisdictions (criminal, civil, administrative, and labor), alerts you to critical deadlines, and cross-validates with the Official State Gazette (BOE) and current legal codes.

  • Save up to 90% of your time with results 100% based on real data, GDPR-certified security, and customized report generation.

AI-powered legal case analysis transforms complex case files into clear, actionable structures with facts, rules, and conclusions

LEONARDO TRANSCRIPTOR
Your case’s voice, transformed into strategy

Leonardo Transcriptor + Veritas Analyzer form the perfect duo that revolutionizes your legal workflow:

  • Save up to 95% of your time: Process one hour of audio in under 3 minutes and free your team from repetitive tasks.

  • Intelligent Legal Transcription: Converts audio and video (MP3, WAV, MP4, etc.) into text with automatic identification of up to 10 speakers. Recognizes procedural roles (judge, witness, attorney). Provides precise timestamps (hh:mm:ss) for instant verification.

  • Deep and Reliable Analysis: Detects key contradictions between testimonies. Extracts legal arguments with exact references to applicable regulations. Delivers structured summaries by speaker and relevance, ready to present.

  • Hallucination-Free Accuracy: The entire process is 100% based on real content – no creative interpretations, no errors.

  • Confidentiality and Versatility: Supports multiple languages (Spanish, English, German) and file formats. Maximum security with certified GDPR compliance.

Leonardo Transcriptor converts court recordings into text, recognizes speaker roles and provides precise legal analyses

ABOUT US

We are a group of AI Researcher and Engineers that develop cutting edge technology solutions for the Legal Industry.

Our products stand out for their accuracy and transparency that guarantees quality end efficiency at the highest security standards.

Team of AI researchers and engineers develops precise and secure legal tech solutions for the legal industry

Contact Us

Please reach out to: contact@leonardolegal.io
(+34) 607902266

    Leonardo Legal Support Team advises law firms on AI solutions for contract review and legal analysis

    Leonardo Legal AI

    Location: calle Henares 7
    ES - 28002 Madrid / Spain
    Contact:  info@leonardolegal.io
    Legal Notice

    LEGAL NOTICE - LEONARDO LEGAL AI

    This Legal Notice, together with our Privacy and Cookies Policy, governs the use of the Leonardo Legal AI website.

    By accessing this website, you automatically become a User and fully accept the terms set forth in this document. If you do not accept these terms, you must immediately stop browsing and leave the site.

    Your continued use of the website constitutes an express declaration that:

    • You have reviewed, understood and fully accepted the content of this Legal Notice
    • You agree to comply with all obligations set forth herein.

    Your continued browsing confirms your acceptance of these terms and your willingness to abide by the rules set forth herein.

    1. General information about the Website

    In compliance with the provisions of Article 10 of Law 34/2002, of July 11, on information society services and electronic commerce, the following general information about the Website is provided:

     

    • Owner: Scriptum Ai Technology SL (hereinafter referred to by its trade name, “Leonardo Legal AI”)
    • Headquarters and establishment: c/ Henares 7, Madrid 28002
    • NIF: B19399211
    • Email: support@leonardolegal.io
    • Registration data: Commercial Registry of Madrid, Volume 0, folio 0, entry 1 with sheet M-832026

    2. Description of Leonardo Legal AI

    Leonardo Legal AI is a comprehensive ecosystem of artificial intelligence tools specialized in the legal sector, which includes:

     

    • Leonardo Transcriptor: Transcription and analysis of legal audio and video with automatic speaker identification and diarization for up to 10 participants.
    • Leonardo Contract: Intelligent contract analysis for risk identification, problematic clauses, and compliance assessment
    • Leonardo Sentence: Intelligent analysis of CENDOJ sentences and court documents with critical deadline alerts.
    • Leonardo Legal Case: FIRAC analysis for legal cases under Spanish law with automatic detection of emergencies

    3. Rules for using the Website

    The User agrees to use the Website and all of its content and services in accordance with the law, morality, public order, and this Legal Notice. Furthermore, the User agrees to make appropriate use of the Website's services and/or content and not to use them to engage in illegal activities or activities that constitute a crime, violate the rights of third parties, or infringe any applicable legal provisions.

     

    The User undertakes not to transmit, introduce, distribute and/or make available to third parties any type of material and information (data, content, messages, drawings, sound and image files, photographs, software, etc.) that is contrary to the law, morality, public order and this Legal Notice.

    For professional use only

    Leonardo Legal AI services are intended exclusively for legal professionals and legal entities. The User represents and warrants that:

     

    • It is a duly registered legal professional or an authorized legal entity
    • You will use the services solely for professional purposes in the legal field.
    • It will not allow access to minors
    • It will maintain the confidentiality of the information processed
    • Will respect the applicable professional secrecy

    4. Exclusion of liability

    4.1 General liability

    The User's access to the Website does not imply any obligation on Leonardo Legal AI to monitor for the absence of viruses, worms, or any other harmful computer elements. In any case, the User is responsible for ensuring that appropriate tools are available to detect and disinfect harmful computer programs.

     

    Leonardo Legal AI is not responsible for any damage to the software and/or computer equipment of the User or third parties during the use of the services offered on the Website or while browsing it.

    4.2 Specific disclaimer for artificial intelligence services

    The use of Leonardo Legal AI's artificial intelligence-based tools is intended to provide technological assistance and improve the efficiency of legal processes. However, Leonardo Legal AI expressly warns that:

    Limitations of AI in legal services

    • The functionalities provided by AI DO NOT REPLACE the professional judgment, legal judgment, or personalized advice that should be provided by a qualified attorney.
    • The results generated by Leonardo Legal AI are support tools that ALWAYS require professional supervision and validation.
    • Any legal decision must be verified and supervised by a trained professional who evaluates the data and results obtained autonomously and in accordance with applicable legal regulations.

    Exclusion of liability for decisions based on AI

    Leonardo Legal AI is not responsible for:

     

    • Decisions that legal professionals or their clients make based on the results generated by Leonardo tools
    • The interpretation or application of the analyses provided by AI tools
    • Errors, omissions or inaccuracies in the information processed by the algorithms
    • The consequences arising from the use of transcripts, contractual analyses, interpretations of judgments or case analyses
    • Loss of procedural deadlines based solely on automatic system alerts

    Nature of AI services

    • The responses, analyses or recommendations generated by Leonardo Legal AI DO NOT CONSTITUTE binding legal advice.
    • The results do not guarantee the accuracy, completeness or updating of the information.
    • Analyses are based on data patterns and may contain limitations inherent to the technology.
    • The anti-hallucination system minimizes but does not completely eliminate the possibility of errors

    Responsibility of the professional user

    Users are strongly advised to:

     

    • Independently verify all results generated by Leonardo Legal AI
    • Apply your professional judgment in the interpretation of the analyses
    • Consult current regulations and updated jurisprudence before making decisions
    • Do not use Leonardo Legal AI as the sole source for legal decision-making.
    • Validate all dates and deadlines identified by the system

    5. Contents and services linked through the Website

    The Website may contain technical linking devices, directories, and even search tools that allow the User to access other Internet pages and portals (hereinafter, "Linked Sites"). In these cases, Leonardo Legal AI will only be responsible for the content and services provided on the Linked Sites to the extent that it has actual knowledge of their unlawfulness and has not deactivated the link with due diligence.

     

    Under no circumstances should the existence of Linked Sites imply the formalization of agreements between Leonardo Legal AI and the responsible parties or owners of the same, nor the recommendation, promotion or identification of Leonardo Legal AI with the statements, content or services provided by said Linked Sites.

    6. Intellectual and industrial property

    6.1 Leonardo Legal AI Rights

    All content on the Website, including but not limited to:

     

    • The artificial intelligence algorithms of Leonardo tools
    • The source code and system architecture
    • Databases and training models
    • Technical documentation and methodologies
    • Graphic design and user interface
    • The trademarks "Leonardo Legal AI", "Leonardo Transcriptor", "Leonardo Contract", "Leonardo Sentence" and "Leonardo Legal Case"
    • FIRAC analysis and automatic diarization systems

     

    They are the exclusive intellectual property of Leonardo Legal AI or third parties, and none of the exploitation rights recognized by current intellectual property regulations may be understood to be transferred to the User.

    6.2 Rights to User Content

    The User retains exclusive ownership of all documents, audios, videos, contracts, judgments, and other content entered into the Leonardo Legal AI tools. Leonardo Legal AI will process such content solely to provide the requested services, without acquiring ownership rights over it.

    6.3 Rights to the results generated

    The analyses, transcripts, FIRAC reports, deadline alerts, and other results generated by Leonardo Legal AI belong to the User, who may freely use them in their professional practice, without prejudice to the limitations of liability established in this Legal Notice.

    7. Confidentiality and data protection

    7.1 Professional confidentiality

    Leonardo Legal AI recognizes the highly confidential nature of the information processed through its tools and is committed to:

     

    • Encrypted processing: All information is processed with end-to-end encryption
    • No permanent storage: Documents are not stored on servers beyond the time required for processing
    • GDPR compliant: Strict compliance with the General Data Protection Regulation
    • Total confidentiality: No access to the content of processed documents except for essential and authorized technical reasons.
    • Maximum security: Implementation of high-level technical and organizational security measures

    7.2 Processing of personal data

    The processing of personal data will be governed by Leonardo Legal AI's specific Privacy Policy and, where applicable, by any data processing agreements that may be entered into with professional users, especially when third-party data is processed in legal documents.

    8. Technical limitations and availability

    8.1 Service availability

    Leonardo Legal AI will strive to maintain optimal availability of all its tools, but does not guarantee uninterrupted operation. The service may be affected by:

     

    • Scheduled maintenance of AI systems
    • Updates to machine learning algorithms and models
    • Unforeseen technical circumstances
    • Limitations of third-party infrastructure
    • System overload due to high demand

    8.2 Specific technical limitations

    Leonardo Legal AI has the following technical limitations:

    Leonardo Transcriber:

    • Maximum identification of 10 different speakers
    • Supported audio formats: MP3, WAV, M4A, OGG
    • Supported video formats: MP4, WebM, MOV, MKV, AVI
    • Supported languages: Spanish, English and German

    Leonardo Contract:

    • Analysis based exclusively on the text of the contract provided
    • Specialization in contracts under Spanish law
    • File size limitations depending on the plan purchased

    Leonardo Sentence:

    • Processing of CENDOJ and similar documents
    • Multidimensional analysis limited to the information contained in the document
    • Automatic scoring system subject to the quality of the original document

    Leonardo Legal Case:

    • FIRAC analysis applicable to the Spanish legal system
    • Specialization in criminal, civil, administrative and labor law
    • Detection of deadlines based on current Spanish regulations

    9. Anti-hallucination system and validation

    Leonardo Legal AI implements advanced systems to minimize errors and hallucinations:

     

    • Analysis based 100% on real text: No invented clauses, deadlines or non-existent arguments
    • Automatic cross-validation: Checking consistency across all extracted information
    • Exact references: Each finding includes a specific reference to the point in the document analyzed.
    • Consistency Scoring: Automatic evaluation of temporal and logical consistency
    • No creative interpretations: Only verifiable facts from the document

     

    However, current AI technology cannot guarantee 100% accuracy, so the need for professional oversight remains.

    10. Modifications and updates

    Leonardo Legal AI reserves the right to:

     

    • Modify this Legal Notice at any time, notifying substantial changes
    • Update the functionalities of Leonardo tools
    • Improving artificial intelligence algorithms and anti-hallucination systems
    • Add new tools to the Leonardo ecosystem
    • Change the conditions of access and use with prior notice

     

    Substantial changes will be communicated to users at least 30 days in advance.

    11. Conflict resolution and customer service

    For any questions, incidents, or complaints related to the use of Leonardo Legal AI, users can contact us through:

     

    • Support email: [support email]
    • Ticket system: [if applicable]
    • Customer service phone number: [if applicable]

     

    Leonardo Legal AI is committed to responding to all inquiries within a maximum of 48 business hours.

    12. Nullity and ineffectiveness of the clauses

    If any clause included in this Legal Notice is declared totally or partially null or ineffective, such nullity or ineffectiveness will only affect said provision or the part thereof that is null or ineffective, the Legal Notice remaining in force in all other respects and such provision being considered totally or partially as not included.

    13. Applicable legislation and competent jurisdiction

    This Legal Notice shall be governed by and construed in accordance with Spanish law. For the resolution of any dispute arising from access to or use of the Website and Leonardo Legal AI's services, the parties expressly submit to the jurisdiction of the courts of Madrid, expressly waiving any other jurisdiction that may apply.

     

     

    Last updated: September 1, 2025

     

    Contact for legal inquiries: legal@leonardolegal.io

    Privacy Policy

    PRIVACY POLICY - LEONARDO LEGAL AI

    Last updated: September 2025
     Version: 1.0
     Entry into force: September 2025

    GENERAL INFORMATION

    At Leonardo Legal AI, we are committed to protecting our users' privacy and personal data with the highest standards of security and regulatory compliance. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our ecosystem of specialized artificial intelligence tools for the legal sector.

    All processing of personal data is carried out in strict compliance with applicable data protection regulations:

    • General Data Protection Regulation (EU) 2016/679 (GDPR)
    • Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD)
    • Law 34/2002, on information society services and electronic commerce (LSSI)

    1. DATA CONTROLLER

    Leonardo Legal AI SL

    • NIF: B19399211
    • Address: c/ Henares, 7. Madrid 28002
    • Contact email: soporte@leonardolegal.io
    • Phone: [Phone Number]
    • Web: https://www.leonardolegal.io

    1.1 Data Protection Officer (DPO)

    Leonardo Legal AI has appointed a Data Protection Officer in compliance with Article 37 of the GDPR to oversee compliance with data protection regulations. The appointment of the DPO has been duly notified to the Spanish Data Protection Agency (AEPD).

    Functions of the DPD:

    • Monitor compliance with data protection regulations
    • Advise on data protection obligations
    • Act as a point of contact with the supervisory authorities
    • Conduct data protection impact assessments where necessary
    • Train and raise awareness among staff on data protection

    When to contact the DPO:

    • To exercise your rights as an interested party
    • For questions about the processing of personal data
    • To report potential data breaches
    • For questions related to this Privacy Policy

    DPO contact details:

    • Email: dpo@leonardolegal.io
    • Address: [Same address as Leonardo Legal AI]
    • Opening hours: Mon 9:00-17:00 (CET)

    2. LEONARDO LEGAL AI SERVICES

    Leonardo Legal AI is a comprehensive ecosystem of artificial intelligence tools specialized in the legal sector, designed exclusively for legal professionals. Our services include:

    2.1 Leonardo Transcriber

    • Automatic transcription of legal audio and video
    • Identification and diarization of up to 10 different speakers
    • Specialized analysis (Legal, Executive, Deadlines, Commitments)
    • Supported formats: MP3, WAV, M4A, OGG, MP4, WebM, MOV, MKV, AVI
    • Languages: Spanish, English and German

    2.2 Leonardo Contract

    • Smart contract analysis
    • Identification of risks and problematic clauses
    • Verification of regulatory compliance
    • Anti-hallucination system with cross-validation
    • Specialization in Spanish law

    2.3 Leonardo Sentence

    • Intelligent analysis of CENDOJ rulings and court documents
    • Detecting critical deadlines with automatic alerts
    • Specialized reports (strategic, corporate, academic)
    • Automatic scoring of temporal and logical coherence

    2.4 Leonardo Legal Case

    • FIRAC Analysis (Facts, Issues, Rules, Application, Conclusion)
    • Specialization in criminal, civil, administrative and labor law
    • Automatic detection of procedural emergencies
    • Multidimensional analysis of legal cases

    3. PURPOSES OF THE PROCESSING

    3.1 User and service management

    • Purpose: Registration, identification and management of user accounts, access to the platform
    • Legal basis: Execution of the contract (Art. 6.1.b GDPR)
    • Data processed: Name, surname, email, password, billing information, professional information

    3.2 Provision of artificial intelligence services

    • Purpose: Processing of legal documents through Leonardo tools
    • Legal basis: Execution of the contract (Art. 6.1.b GDPR)
    • Data processed: Content of legal documents, metadata, analysis results
    • Important: Leonardo Legal AI acts as the Data Processor for this data.

    3.3 Service communications

    • Purpose: Sending transactional communications, security updates, changes in terms and conditions
    • Legal basis: Performance of the contract (Art. 6.1.b GDPR) / Legitimate interest (Art. 6.1.f GDPR)
    • Data processed: Email, communication preferences

    3.4 Marketing and commercial communications

    • Purpose: Sending newsletters, information about new features and services
    • Legal basis: Consent (Art. 6.1.a GDPR) / Legitimate interest for existing customers (Art. 6.1.f GDPR)
    • Data processed: Email, name, commercial preferences

    3.5 Technical support and customer service

    • Purpose: Resolution of queries, technical incidents and improvement of customer service
    • Legal basis: Performance of the contract (Art. 6.1.b GDPR) / Legitimate interest (Art. 6.1.f GDPR)
    • Data processed: Contact information, communication history, technical logs

    3.6 Service improvement and AI development

    • Purpose: Usage analysis to improve algorithms, development of new functionalities
    • Legal basis: Legitimate interest (Art. 6.1.f GDPR) with anonymized data
    • Important: We NEVER use the content of legal documents for training.

    3.7 Compliance with legal obligations

    • Purpose: To comply with legal, fiscal, judicial or administrative requirements
    • Legal basis: Compliance with legal obligations (Art. 6.1.c GDPR)

    4. INTERNATIONAL TRANSFERS

    Leonardo Legal AI uses technology providers specializing in artificial intelligence, which may involve international data transfers. We guarantee compliance with Chapter V of the GDPR:

    4.1 Main infrastructure (100% Europe)

    Digital Ocean LLC

    • Services: Cloud infrastructure, hosting, storage
    • Location: Frankfurt, Germany (fra1)
    • Guarantees: Data stored exclusively on German territory
    • Mechanism: No international transfers

    4.2 Artificial intelligence services

    AssemblyAI Inc. (United States)

    • Service: Automatic transcription and diarization
    • Tool: Leonardo Transcriber
    • Location: Dublin, Ireland (AWS EU West 1)
    • Guarantees:
      • 100% European processing via api.eu.assemblyai.com
      • Standard Contractual Clauses (SCC) + SOC 2 Type II
      • Automatic deletion after processing

    Anthropic PBC (United States)

    • Services: Advanced legal document analysis
    • Tools: Leonardo Contract, Sentence, Legal Case
    • Guarantees:
      • European servers from August 2025
      • Standard Contractual Clauses (SCC)
      • Data Privacy Framework (DPF) where applicable
      • Temporary processing with automatic deletion

    OpenAI LLC (United States)

    • Services: AI Complementary Processing
    • Guarantees:
      • Standard Contractual Clauses (SCC)
      • Data Privacy Framework (DPF)
      • Specific non-use policies for training

    4.3 Additional protection measures

    • Data minimization: Only strictly necessary information
    • End-to-end encryption: TLS 1.3 for all communications
    • Pseudonymization: When technically possible
    • Automatic deletion: Immediate deletion after processing
    • Monitoring: Real-time monitoring of transfers

    5. CONSERVATION PERIOD

    5.1 Registered user data

    • Duration: During the validity of the active account
    • Inactivity: Elimination after 12 months without activity
    • Cancellation: Immediate deletion except for legal obligations

    5.2 Processing data (Leonardo Tools)

    • Original documents: Not permanently stored
    • Analysis results: Preservation according to user settings
    • Technical metadata: 90 days for debugging and service improvement
    • Processing logs: 12 months for audit and security

    5.3 Communications data

    • Support inquiries: 3 years from last interaction
    • Commercial communications: Until unsubscribed
    • Billing data: 6 years (legal tax obligation)

    5.4 Anonymized data

    • Usage statistics: Indefinitely (does not constitute personal data)
    • Performance metrics: For continuous service improvement

    6. RECIPIENTS AND TRANSFERS

    Leonardo Legal AI does not sell, rent, or lease personal data to third parties for commercial purposes. The only data transfers are made:

    6.1 Essential service providers

    • Technological infrastructure: Digital Ocean (Frankfurt, Germany)
    • AI services: AssemblyAI, Anthropic, OpenAI with GDPR guarantees
    • Payment Processing: Stripe with Standard Contractual Clauses
    • Transactional email: SendGrid with European servers

    6.2 Legal obligations

    • Competent authorities: When there is a judicial or administrative requirement
    • Regulatory bodies: For compliance with applicable regulations

    6.3 Corporate Operations

    • Mergers/acquisitions: Prior notification and with the same protection guarantees

    7. USER RIGHTS

    As a Leonardo Legal AI user, you have the following rights over your personal data:

    7.1 Right of access (Art. 15 GDPR)

    • Confirm whether we process your personal data
    • Obtain a copy of your data and information about the processing
    • Exercise: Contacting dpo@leonardolegal.io

    7.2 Right to rectification (Art. 16 GDPR)

    • Correction of inaccurate or incomplete data
    • Exercise: From your control panel or by contacting support

    7.3 Right to erasure (Art. 17 GDPR)

    • Deleting your data when it is no longer needed
    • Limitations: When there are legal conservation obligations
    • Exercise: From account setup or request to dpo@leonardolegal.io

    7.4 Right of limitation (Art. 18 GDPR)

    • Temporary suspension of treatment in certain circumstances
    • Exercise: Motivated request to dpo@leonardolegal.io

    7.5 Right to portability (Art. 20 GDPR)

    • Transfer of your data to another service provider
    • Format: Structured, commonly used and machine-readable
    • Exercise: Contacting support@leonardolegal.io

    7.6 Right to object (Art. 21 GDPR)

    • Opposition to processing based on legitimate interest
    • Commercial communications: Immediate cancellation via unsubscribe link
    • Exercise: From account settings or email to dpo@leonardolegal.io

    7.7 Withdrawal of consent

    • Withdrawal of consent granted at any time
    • Effects: Does not affect treatments prior to consent
    • Exercise: From account settings

    8. SECURITY MEASURES

    Leonardo Legal AI implements state-of-the-art technical and organizational security measures:

    8.1 Technical measures

    • Encryption: AES-256 for data at rest, TLS 1.3 for transmission
    • Authentication: Multi-factor required for professional accounts
    • Monitoring: 24/7 Intrusion Detection
    • Backup: Encrypted backups with geographically distributed retention
    • Isolation: Container architecture with data segregation

    8.2 Organizational measures

    • Certification:
      • ISO 27001:2022.
      • ENS and ISO 42001-2023 (in process)
    • Training: Personnel specialized in data protection in the legal sector
    • Access: Principle of least privilege with full audit
    • Policies: Documented security and privacy procedures
    • Audits: Periodic internal and external reviews

    8.3 Specific protection legal sector

    • Enhanced Confidentiality: Additional Professional Secrecy Commitments
    • Segregation: Data from different law firms completely isolated
    • Traceability: Immutable logs of access to legal documents
    • Secure Deletion: Verifiable Erasure with Certification

    9. COOKIES AND TRACKING TECHNOLOGIES

    Leonardo Legal AI uses cookies and similar technologies to improve user experience:

    9.1 Essential Cookies

    • Purpose: Basic operation of the platform
    • Duration: User session
    • Legal basis: Legitimate interest / Execution of the contract

    9.2 Functionality Cookies

    • Purpose: Remember preferences and settings
    • Duration: 12 months
    • Legal basis: Consent

    9.3 Analytical cookies

    • Purpose: Anonymized usage analysis to improve service
    • Provider: Google Analytics 4 with IP anonymization
    • Legal basis: Consent

    For more information, please see our specific Cookie Policy .

    10. MINORS

    Leonardo Legal AI services are designed exclusively for legal professionals and are not intended for persons under the age of 18. We do not knowingly collect personal data from minors.

    If you become aware that a minor has provided personal data, please contact dpo@leonardolegal.io immediately to have it deleted.

    11. POLICY MODIFICATIONS

    Leonardo Legal AI reserves the right to modify this Privacy Policy to adapt to:

    • Legislative or jurisprudential changes
    • New features or services
    • Improvements in data protection measures
    • Recommendations from supervisory authorities

    11.1 Notification of Changes

    • Substantial Changes: 30 Days' Notice
    • Minor Changes: Website Update with New Date
    • Communication: Email registered users for important changes

    12. CONTROL AUTHORITY AND CLAIMS

    12.1 Right to complain

    If you believe that the processing of your data does not comply with regulations, you can file a complaint with:

    Spanish Data Protection Agency (AEPD)

    • Website: aepd.es
    • Electronic headquarters: gob.es
    • Telephone: 912 663 517
    • Address: C/ Jorge Juan, 6, 28001 Madrid

    12.2 Direct resolution

    Before contacting the supervisory authority, we encourage you to contact us directly so we can collaboratively resolve any issues.

    13. CONTACT INFORMATION

    13.1 Specialized contacts

    Consultation

    Contact

    General inquiries

    support@leonardolegal.io

    Data protection

    dpo@leonardolegal.io

    Exercise of rights

    rights@leonardolegal.io

    Security incidents

    seguridad@leonardolegal.io

    Technical support

    support@leonardolegal.io

    Billing

    facturacion@leonardolegal.io

    13.2 Opening Hours

    • General Support: Mon 9:00-18:00 (CET)
    • Security emergencies: 24/7
    • Data protection: Mon 9:00-17:00 (CET)

    14. ADDITIONAL LEGAL INFORMATION

    14.1 Applicable legislation

    This Privacy Policy is governed by:

    • Regulation (EU) 2016/679 (GDPR)
    • Organic Law 3/2018 (LOPDGDD)
    • Law 34/2002 (LSSI-CE)
    • Complementary Spanish legislation

    14.2 Jurisdiction

    For any dispute that may arise in relation to this Privacy Policy, the parties expressly submit to the courts and tribunals of [City], waiving any other jurisdiction that may apply to them.

    14.3 Language

    In the case of translations into other languages, the Spanish version will always prevail in the event of any discrepancies.

    SUMMARY INFORMATION

    Field

    Information

    Responsible

    Leonardo Legal AI SL

    Main purpose

    Legal AI services

    Legal basis

    Execution of contract / Consent

    Transfers

    US with CCT/DPF guarantees

    Conservation

    During validity + legal obligations

    Rights

    Access, rectification, deletion, etc.

    DPO

    dpo@leonardolegal.io

    Authority

    AEPD (www.aepd.es)

    Last updated: September 2025
     Version: 1.0
     Next review: March 2026

    This Privacy Policy has been specifically designed for Leonardo Legal AI's artificial intelligence services, taking into account the specificities of data processing in the legal sector and ensuring strict compliance with the GDPR and Spanish data protection legislation.

     

    Terms and Conditions

    Leonardo Legal AI Terms and Conditions

    Version 1.0 - September 2025

    1. GENERAL INFORMATION

    1.1 Identification of the Service Provider

    Leonardo Legal AI is a trademark operated by Scriptum AI Technology SL with registered office at Calle Henares 7, Madrid 28002 , registered in the Mercantile Registry of Madrid , Volume 0, folio 0, entry 1 with page M-832026 with CIF B19399211 .

    Contact:

    • Website: leonardolegal.io
    • Support email: soporte@leonardolegal.io
    • DPO Email: dpo@leonardolegal.io

    1.2 Nature of the Service

    Leonardo Legal AI is a comprehensive ecosystem of artificial intelligence tools specialized in the legal sector, which includes:

    • Leonardo Transcriber : Transcription and analysis of legal audio/videos
    • Leonardo Contract : Intelligent Contract Analysis
    • Leonardo Sentence : Analysis of court rulings
    • Leonardo Legal Case : Analysis of legal cases using FIRAC methodology

    1.3 Scope and Applicability

    These terms govern exclusively the professional use of Leonardo Legal AI's services. They are not intended for end users and are intended for use by legal professionals or legal entities.

    2. DEFINITIONS

    For the purposes of these terms, the following are understood as:

    "Services" : Leonardo Legal AI's suite of legal AI tools accessible through our SaaS platform.

    "Client" : The natural or legal person who contracts the services and acts in the exercise of his or her professional activity.

    "Authorized User" : A natural person authorized by the Client to access and use the Services.

    "Knowledge Base" : A set of documents and data provided by the Client for processing by AI.

    "Output" : Any result, analysis, transcription or report generated by Leonardo tools.

    "Platform" means the SaaS technology infrastructure that enables access to the Services.

    "Leonardo Credits" : Unit of measurement for the consumption of AI services, variable according to computational complexity.

    3. PURPOSE OF THE CONTRACT

    3.1 Services Provided

    Leonardo Legal AI provides a non-exclusive, worldwide, non-transferable, revocable license to access our ecosystem of legal AI tools:

    3.1.1 Leonardo Transcriber

    • Automatic transcription with AssemblyAI Universal-2
    • Automatic diarization of up to 10 different speakers
    • Specialized analysis using Claude Sonnet 4 (Legal, Executive, Deadlines, Commitments)
    • Supported formats: MP3, WAV, M4A, OGG, MP4, WebM, MOV, MKV, AVI
    • Languages: Spanish, English and German
    • Asynchronous processing with Celery and RabbitMQ

    3.1.2 Leonardo Contract

    • Intelligent Contract Analysis with Claude Sonnet 4
    • Identification of risks and ambiguities
    • Verification of regulatory compliance
    • Anti-hallucination system with cross-validation
    • Professional downloadable reports in PDF format
    • Zero Data Retention enabled for maximum confidentiality

    3.1.3 Leonardo Sentence

    • Multidimensional analysis of court rulings
    • Processing of CENDOJ and similar documents
    • Automatic detection of critical deadlines with integrated countdown
    • Automatic scoring system for consistency and relevance
    • Strategic, corporate and academic analysis

    3.1.4 Leonardo Legal Case

    • FIRAC Analysis (Facts, Issues, Rules, Application, Conclusion)
    • Specialization in criminal, civil, administrative and labor law
    • Automatic detection of procedural emergencies
    • Deadline alerts based on Spanish regulations
    • Comparative analysis with similar jurisprudence

    3.1.5 Veritas Chatbot

    • Conversational assistant specialized in Spanish law
    • Integration with knowledge base of processed documents
    • Natural language queries on cases and regulations
    • Contextualized responses based on previous analysis

    3.2 License Modalities

    SaaS license with the following features:

    • Non-exclusive and unilaterally revocable
    • Non-transferable to third parties
    • Duration linked to the contracted plan
    • Territory: Worldwide
    • Express prohibition of copies of the underlying software

    3.3 Express Exclusions

    The following are expressly excluded from the scope of the contract:

    • Access to the source code or algorithms of Leonardo Legal AI
    • The provision of direct legal advice
    • Custom developments not included in the contracted plan
    • Guarantee of infallibility of AI results

    4. PLANS AND ECONOMIC CONDITIONS

    4.1 Test Plan Modality

    Leonardo Legal AI offers free access through a Trial Version intended exclusively for the evaluation of the platform's functionalities by legal professionals.

    4.1.1 Access and Authentication

    Registration : Simplified form available at leonardo-legal.ai

    Authentication : Secure single-use link system (magic link) sent to email

    No password : Access is managed exclusively through temporary links

    Responsibility : The User is responsible for the custody of his/her email account.

    4.1.2 Specific Limitations of the Trial Version

    a) AI Interactions : Maximum 50 interactions with any of the Leonardo tools (Transcriber, Contract, Sentence, Legal Case, Veritas Chatbot) 10 per tool. Once the limit is reached, read-only access is available to view the generated history.

    b) Legal Assistants : Maximum load of 1 document for analysis and processing.

    c) Transcripts : Maximum 10 audio/video files with a total duration of no more than 150 minutes. 10 files for each paralegal.

    d) Limited Functionalities : Leonardo Legal AI reserves the right to restrict certain advanced functionalities compared to paid plans.

    e) Storage : Data retention limited to the duration from the initial registration.

    4.1.3 Test Plan Characteristics

    Duration : 15 days, but subject to usage limitations

    Conversion : Possibility of upgrading to a paid plan at any time

    No renewal : The trial version does not renew automatically.

    Post-limit access : Read-only mode to view previous results

    Support : Limited to documentation and FAQs

     

    4.2 Contracting Modalities

    Leonardo Legal AI offers flexible contracting options through different plans and subscription periods: monthly, quarterly, semi-annual, and annual. Each option provides access to a specific set of services and features determined by the selected plan and SLAs.

    Contractual Stability : The economic and technical conditions in force at the time of the contract will remain unchanged throughout the duration of the contracted period, providing certainty and predictability to the Client.

    Plan Changes : The Customer retains the right to update their service plan at any time during the term of the contract. Such changes will be governed by the terms and rates in effect at the time of the change, and will be effective immediately for the next billing period.

    4.3 Leonardo Credit System

    Leonardo Credits are consumed according to computational complexity:

    • Transcription : Variable depending on the duration of the files to be transcribed
    • Contractual analysis : Variable for consumption of queries on the document
    • Sentence analysis : Variable by consumption of queries on the document
    • FIRAC Analysis : Variable by consumption of queries on the document

    4.4 Billing and Renewal

    • Advance Billing : Services are billed in advance
    • Automatic renewal : Plans are automatically renewed unless cancelled 15 days in advance.
    • Price modification : Possible with 60 days' notice for future renewals
    • No refunds : Payments made are non-refundable except for justified reasons.

    5. CONDITIONS OF USE

    5.1 Permitted Use

    The Client is authorized to:

    • Use the Services for legal professional purposes only
    • Process legal documents for yourself or authorized clients
    • Share output with third parties related to specific cases
    • Download and store generated results
    • Integrate via API according to the contracted plan

    5.2 Express Restrictions

    It is strictly prohibited :

    • Reverse engineering of software or algorithms
    • Use to train competing AI models
    • Sharing login credentials with unauthorized third parties
    • Document processing for competitive analysis
    • Massive automated use without express authorization
    • Introduction of malware or harmful content
    • Use outside Spanish territory unless specifically authorized
    • Processing of personal data without an adequate legal basis

    5.3 Customer Responsibilities

    The Client agrees to:

    • Verify that you have rights to the processed documents
    • Maintain the confidentiality of your credentials
    • Comply with applicable data protection regulations
    • Professionally validate all generated outputs
    • Immediately report any unauthorized use

    6. RESPONSIBILITY AND LIMITATIONS OF AI

    6.1 Nature of AI Services

    IMPORTANT NOTICE : Leonardo Legal AI is a technological assistance tool that DOES NOT REPLACE the professional judgment of a qualified attorney.

    6.2 Specific Limitations

    • Outputs DO NOT constitute binding legal advice
    • The results require mandatory professional supervision and validation.
    • AI may contain limitations inherent to current technology
    • Analyses are based on data patterns and may contain errors.
    • The dates and deadlines identified must be independently verified

    6.3 Anti-Hallucination System

    Leonardo Legal AI implements:

    • Analysis based 100% on real text provided
    • Automatic cross-validation of findings
    • Exact references to specific points in the document
    • Prohibition of creating non-existent content
    • Temporal and logical consistency scoring system

    6.4 Exclusion of Liability

    Leonardo Legal AI is not responsible for:

    • Decisions made based solely on AI output
    • Loss of procedural deadlines by relying solely on automatic alerts
    • Errors in the interpretation of results
    • Consequences of improper use of tools
    • Damage due to service interruptions or maintenance

    7. INTELLECTUAL PROPERTY

    7.1 Property of Leonardo Legal AI

    Leonardo Legal AI maintains exclusive ownership of:

    • The software, algorithms and source code
    • Trademarks and distinctive signs
    • Technical documentation and methodologies
    • The improvements and updates developed
    • Aggregate data and usage statistics

    7.2 Customer Property

    The Client retains exclusive ownership of:

    • The processed original documents
    • The output generated by Leonardo tools
    • Your Knowledge Base and own content
    • Your case and client data

    7.3 Cross-Licensing

    • Client to Leonardo Legal AI : Limited license to process documents exclusively to provide the Services
    • Leonardo Legal AI to Client : Full ownership of the Output for commercial and professional use without restrictions

    8. PROTECTION OF PERSONAL DATA

    8.1 Regulatory Framework

    The processing of personal data is governed by:

    • General Data Protection Regulation (GDPR)
    • Organic Law 3/2018 on Data Protection
    • Applicable national and international regulations

    8.2 Roles and Responsibilities

    • Client : Data Controller
    • Leonardo Legal AI : Data Processor

    8.3 Data Residency

    Guaranteed Location :

    • Main data center : Amsterdam, Netherlands (Digital Ocean AMS3)
    • Residency Policy : All data stored exclusively within European territory
    • No US transfers : Data is not transferred to US storage centers.
    • AI Processing : AssemblyAI Dublin (Ireland), Anthropic and OpenAI with European residency when available

    Europa First Mode (Settings Used) :

    • Digital Ocean Amsterdam: Storage and Database
    • AssemblyAI Dublin: Transcription via European endpoint
    • Anthropic Europe: Legal analysis on European servers
    • ✅ OpenAI Europe: Queries with EU data residency when available

    Technical Guarantees :

    • MongoDB 7.0 managed by Digital Ocean in Amsterdam
    • Digital Ocean Spaces (S3-compatible) with AES-256 encryption
    • Backups replicated within the EEA exclusively
    • Zero Data Retention configured on all AI providers

    8.4 International Transfers

    When technically necessary:

    • Application of Standard Contractual Clauses approved by the EU
    • Specific data protection agreements (DPA)
    • Additional safeguards under the EU-US Data Privacy Framework

    8.5 Rights of Interested Parties

    Interested parties may exercise their rights by contacting:

    • Email : dpo@leonardo-legal.ai
    • Postal address : [COMPLETE ADDRESS]

    9. SECURITY AND TECHNICAL MEASURES

    9.1 Security Measures Implemented

    Ocean Amsterdam Digital Infrastructure :

    • Encryption : AES-256 at rest for MongoDB 7.0 managed
    • Communications : TLS 1.3 for all connections
    • Authentication : Keycloak 24.x with MFA/OTP and TOTP support
    • Segregation : Complete isolation of data by client and environment
    • Monitoring : Native Digital Ocean Monitoring with 24/7 alerts

    Secure Technology Stack :

    • Frontend : React 18.x with TypeScript served by Nginx 1.24.x
    • Backend : FastAPI 0.100+ with Python 3.11 and Uvicorn + Gunicorn
    • Process Queue : RabbitMQ 3.12 with TLS and Authentication
    • Database : MongoDB 7.0 with native encryption and daily backups
    • Storage : Digital Ocean Spaces S3-compatible encryption

    Secure Asynchronous Processing :

    • Celery 5.3 for transcript processing and analysis
    • Task isolation : Independent workers for each type of process
    • Zero Data Retention : Configuration enabled in AssemblyAI and Anthropic
    • Automatic Deletion : Temporary files deleted post-processing

    Access Control :

    • Keycloak 24.x with separate realms per environment
    • Granular RBAC : Admin and user roles with specific permissions
    • JWT : Tokens with a 90-minute expiration
    • Restrictive CORS : Configured between React frontend and FastAPI backend

    9.2 Incident Response

    In case of a security breach:

    • Notification to the Client within a maximum of 24 hours
    • Immediate investigation and corrective measures
    • Detailed incident report
    • Collaboration with authorities if necessary

    10. AVAILABILITY AND TECHNICAL SUPPORT

    10.1 Service Level

    • Target availability : 99.5% monthly
    • Scheduled maintenance : 48h advance notice
    • Schedule : Preferably outside of business hours

    10.2 Technical Support

    Starter/Professional Plan :

    • Email support during business hours
    • Response time: 24-48 hours

    Enterprise Plan :

    • Multi-channel priority support
    • Dedicated Account Manager
    • Response time: 4-8 business hours

    11. CONFIDENTIALITY

    11.1 Confidential Information

    It is considered confidential:

    • All documents processed by the Client
    • The output generated by the tools
    • The methods and strategies employed by Leonardo Legal AI
    • Any information expressly marked as confidential

    11.2 Confidentiality Obligations

    Both parties agree to:

    • Maintain strict confidentiality regarding the information exchanged
    • Do not disclose information to third parties without authorization
    • Use the information exclusively for the purposes of the contract
    • Apply the same protective measures as to your own confidential information

    12. LIMITATIONS AND WARRANTIES

    12.1 Limitations of AI Technology

    The Client accepts that:

    • Current AI does not achieve 100% accuracy
    • The results require mandatory professional validation.
    • There may be limitations in complex or atypical legal cases.
    • Regulatory updates may require adaptations

    12.2 Guarantees Provided

    Leonardo Legal AI guarantees:

    • Legitimate ownership of the platform's rights
    • Implementation of security best practices
    • Compliance with data protection regulations
    • Operation in accordance with published specifications

    12.3 Warranty Exclusions

    The Services are provided "as is" without additional warranties of:

    • Merchantability or fitness for a particular purpose
    • Uninterrupted or error-free operation
    • Absolute accuracy of all results
    • Compatibility with third-party systems

    13. RESPONSIBILITY

    13.1 Limitation of Liability

    Leonardo Legal AI's maximum liability is limited to:

    • Maximum amount : The value of the installments paid in the previous 12 months
    • Excluded damages : Loss of profits, loss of data, indirect damages
    • Exceptions : Fraud, gross negligence or breach of confidentiality

    13.2 Customer Indemnity

    The Client undertakes to indemnify Leonardo Legal AI against:

    • Claims for misuse of the Services
    • Infringements of third party rights by processed documents
    • Breaches of these conditions
    • Using Output without proper professional validation

    14. DURATION AND TERMINATION

    14.1 Validity

    The contract will have a duration of:

    • Monthly plans : 1 month with automatic renewal
    • Annual plans : 1 year with automatic renewal
    • Business plans : As specified in the particular contract

    14.2 Termination by the Client

    The Client may terminate the contract:

    • Monthly plans : 15 days in advance
    • Annual plans : 30 days in advance
    • No right to refund of amounts already paid

    14.3 Effects of Termination

    At the end of the contract:

    • Access automatically switches to "Trial Mode" with limited functionality
    • Data retention for 12 months from the last activity
    • Notification 30 days before final deletion
    • Possibility of exporting data in standard format

    15. DATA PROTECTION - DPA AGREEMENT

    15.1 Roles in Data Protection

    • Client : Data Controller
    • Leonardo Legal AI : Data Processor

    15.2 Purposes of the Treatment

    The sole purpose of the processing is to provide the following services:

    • Legal document analysis using AI
    • Transcription of audiovisual content
    • Generation of specialized reports and analysis
    • Detection of critical deadlines and dates

    15.3 Categories of Data Processed

    Identification Data : Names, DNI/NIE, addresses, signatures Contact Data : Emails, telephone numbers, postal addresses

    Professional Data : Positions, companies, professional associations

    Economic Data : Amounts, bank accounts, tax information

    Judicial Data : Details of procedures, files, facts

    Special Categories : Only incidentally, under the Client's responsibility

    15.4 Safety Measures

    Techniques :

    • AES-256 encryption at rest and TLS 1.3 in transit
    • Mandatory multi-factor authentication
    • Complete data segregation by client
    • Encrypted backup across multiple locations EU
    • 24/7 Monitoring with AWS GuardDuty

    Organizational :

    • Staff trained in data protection
    • Least privilege access policies
    • Annual security audits
    • Documented incident response plan
    • Record of processing activities

    15.5 Authorized Subprocessors

    Supplier

    Location

    Purpose

    Guarantees

    Digital Ocean

    Frankfurt, DE

    Hosting and infrastructure

    CCT + EU Residence

    AssemblyAI

    Dublin, IE

    Audio transcript

    CCT + UE Endpoint

    Anthropic

    Variable

    Document analysis

    CCT + EU Residency available

    OpenAI

    Variable

    AI Processing

    CCT + EU Residency available

    15.6 Rights of Interested Parties

    Procedure :

    1. Leonardo Legal AI forwards requests to the Client within 72 hours
    2. Assistance in compliance with ARCO-POL rights
    3. Collaboration in impact assessments where appropriate

    16. MODIFICATIONS

    16.1 Modification Procedure

    Leonardo Legal AI may modify these terms:

    • Notification : Minimum 30 days' notice
    • Tacit acceptance : Continued use implies acceptance
    • Right of termination : Possibility of canceling without penalty if the changes are not accepted

    16.2 Justified Causes for Modification

    • Regulatory or jurisprudential changes
    • Significant technological improvements
    • New features or tools
    • Changes in operating costs
    • Updated security requirements

    17. FORCE MAJEURE

    Neither party shall be liable for any breach due to:

    • Natural disasters or extreme weather events
    • Acts of public authorities or legislative changes
    • Labor disputes or strikes
    • Cyberattacks or massive internet failures
    • Pandemics or other health emergencies

    Duration : If force majeure persists for more than 90 days, either party may terminate the contract.

    18. CONFLICT RESOLUTION

    18.1 Prior Mediation

    Before going to court, the parties will attempt to resolve any dispute amicably by:

    • Direct negotiation for 30 days
    • Mediation before a specialized institution if necessary

    18.2 Jurisdiction and Applicable Law

    • Applicable law : Spanish legislation
    • Jurisdiction : Courts of Barcelona
    • Language : Spanish

    19. FINAL PROVISIONS

    19.1 Entire Agreement

    These terms constitute the entire agreement between the parties, superseding any prior agreements except for specific written agreements.

    19.2 Assignment

    • By the Client : Prohibited without written consent
    • By Leonardo Legal AI : Allowed to group companies or in cases of merger/acquisition

    19.3 Divisibility

    If any clause is declared invalid, the rest of the contract remains in force.

    19.4 Notifications

    Formal communications should be addressed to:

    • Leonardo Legal AI : support@leonardolegal.io
    • Client : Address provided at registration

    20. ANNEXES

    ANNEX I - DETAILED TECHNICAL SPECIFICATIONS

    Leonardo Transcriber

    • Accuracy : >95% under optimal conditions with AssemblyAI Universal-2
    • Latency : Asynchronous processing with Celery 5.3 and RabbitMQ 3.12
    • Supported languages : Spanish (ES), English (EN), German (DE)
    • Speaker Identification : Up to 10 unique participants with automatic diarization
    • Input formats : MP3, WAV, M4A, OGG (audio), MP4, WebM, MOV, MKV, AVI (video)
    • Specialized analysis : Claude Sonnet 4 for detecting commitments, deadlines, and legal aspects
    • Zero Data Retention : Configuration enabled for maximum confidentiality

    Leonardo Contract

    • Model IA : Claude Sonnet 4 with specialized prompts on Spanish law
    • Types of contracts supported : All those recognized in Spanish law
    • Identified risks : Ambiguities, imbalances, regulatory non-compliance
    • Validation : Anti-hallucination system with exact references to the original text
    • Output : Structured reports in downloadable PDF
    • Processing : FastAPI 0.100+ with Python 3.11, storage in MongoDB 7.0
    • Limitations : Contracts in languages other than Spanish may have less precision.

    Leonardo Sentence

    • Compatible sources : CENDOJ, official Spanish court documents
    • Multidimensional analysis : Strategic, corporate, academic customizable
    • Deadline detection : Automatic with integrated countdown and alerts
    • Scoring : Scoring system for coherence and jurisprudential relevance
    • Specialization : All Spanish jurisdictions (civil, criminal, administrative, labor)
    • Technology : Claude Sonnet 4 with Zero Data Retention

    Leonardo Legal Case

    • Methodology : FIRAC (Facts, Issues, Rules, Application, Conclusion)
    • Jurisdictional specialization : Criminal, civil, administrative, labor, commercial
    • Emergency detection : Automatic with classification by procedural severity
    • Deadline alerts : Based on current Spanish procedural regulations
    • Case law analysis : Comparison with similar cases of CENDOJ
    • Backend : FastAPI with Celery + RabbitMQ asynchronous processing

    Veritas Chatbot

    • Technology : Claude Sonnet 4 integrated with contextual knowledge base
    • Specialization : Spanish law with access to processed documents
    • Interface : React 18.x + TypeScript with Ant Design 5.0
    • Authentication : Integration with Keycloak 24.x for controlled access
    • Responses : Contextualized based on previous analysis and regulations

    ANNEX II - DATA PROCESSOR AGREEMENT (DPA)

    PRELIMINARY CLAUSE

    In compliance with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018 on the Protection of Personal Data (LOPDGDD), this Data Processor Agreement governs the processing of personal data that Leonardo Legal AI will carry out on behalf of the Client.

    PARTS:

    • Data Controller : The Client
    • Data Processor : Leonardo Legal AI

    1. OBJECT AND PURPOSE OF THE ORDER

    1.1 Main Purpose

    The processing of personal data is for the sole purpose of providing legal assistant services using artificial intelligence, specifically:

    • Analysis, processing, summary and classification of legal documents
    • Transcription and analysis of legal audiovisual content
    • Conversational interaction for specialized legal consultations
    • Reporting and analysis using Leonardo tools
    • Automatic detection of deadlines, critical dates and procedural emergencies

    1.2 Authorized Processing Operations

    Collection - Reception of documents and content from the Client
    Registration - Storage in secure systems
    Structuring - Organization for analysis using AI
    Conservation - Maintenance during the term of the contract
    Consultation - Access for the provision of services
    Analysis - Processing using AI algorithms
    Extraction - Obtaining insights and conclusions
    Limitation - Restricting access when appropriate
    Deletion - Elimination at the end of the contract
    Communication - Only when expressly authorized
    Dissemination - Unauthorized

    2. CATEGORIES OF PERSONAL DATA PROCESSED

    2.1 Identification Data

    • Full names and surnames
    • DNI, NIE, passport numbers
    • Tax identification numbers
    • Digitized signatures and rubrics
    • Photographs in official documents

    2.2 Contact Information

    • Email addresses
    • Telephone numbers (landline and mobile)
    • Complete postal addresses
    • Professional social network data
    • Emergency contact information

    2.3 Professional and Academic Data

    • Professional associations of membership
    • Membership numbers
    • Academic and professional qualifications
    • Work experience and resume
    • Legal specializations

    2.4 Economic and Financial Data

    • Bank accounts (IBAN, entities)
    • Tax and fiscal information
    • Salaries and remuneration
    • Corporate shares
    • Assets and valuations

    2.5 Judicial and Procedural Data

    • File numbers and procedures
    • Facts and circumstances of the case
    • Legal arguments of the parties
    • Related resolutions and judgments
    • Criminal or administrative record
    • Precautionary or executive measures

    2.6 Special Categories of Data (Art. 9 GDPR)

    IMPORTANT : The Client guarantees a reinforced legal basis for special categories that may appear incidentally:

    • Health data (medical reports in civil liability cases)
    • Ethnic or racial origin (in cases of discrimination)
    • Union membership (in labor disputes)
    • Biometric data (identification in criminal proceedings)

    2.7 Stakeholder Groups

    • Clients of the Controller (Leonardo Legal AI's Client)
    • Client Employees and Related Third Parties
    • Parties in judicial proceedings
    • Witnesses, experts and professionals involved
    • Legal representatives of all parties
    • Public officials (judges, secretaries, prosecutors)
    • Any third party whose information is contained in processed documents

    3. OBLIGATIONS OF THE DATA PROCESSOR

    3.1 Main Obligations

    Leonardo Legal AI is committed to:

    1. a) Limitation of Purpose
    • Use the data exclusively to provide the contracted Services
    • Absolute prohibition of use for personal purposes or commercialization
    • Never use document content for AI training
    1. b) Confidentiality
    • Maintain professional secrecy regarding all data accessed
    • Specifically train staff in data protection
    • Document the confidentiality commitments of authorized personnel
    1. c) Security of Treatment (Art. 32 GDPR)
    • Ensure ongoing confidentiality, integrity, availability, and resilience
    • Restore availability quickly in the event of an incident
    • Regularly verify the effectiveness of security measures
    • Implement pseudonymization and encryption where necessary
    1. d) Activity Log (Art. 30 GDPR) Keep a written record containing:
    • Name and contact of the Manager and Responsible Party
    • Categories of treatments on behalf of the Controller
    • International transfers with documentation of guarantees
    • Description of technical and organizational security measures

    3.2 Assistance to the Responsible Party

    Rights of Interested Parties :

    • Facilitate the exercise of ARCO-POL rights within a maximum period of 72 hours
    • Provide information necessary to respond to requests
    • Immediately forward received requests directly

    Impact Assessments :

    • Collaborate in impact assessments when required
    • Provide information on implemented security measures
    • Assist in prior consultations with supervisory authorities

    Audits :

    • Allow annual audits of the Controller
    • Provide compliance documentation
    • Collaborate with authorized auditors

    4. SPECIFIC SECURITY MEASURES

    4.1 Technical Measures

    Data Encryption :

    • At rest : AES-256 for all stored data
    • In transit : TLS 1.3 for all communications
    • Backups : Specific encryption with rotating keys
    • Database : Field-level encryption for sensitive data

    Access Control :

    • Multi-factor authentication (MFA) mandatory for all staff
    • Principle of least privilege strictly applied
    • Quarterly access audits
    • Automatic revocation of access upon termination of employment

    Data Segregation :

    • Complete data isolation per Client
    • Databases separated by confidentiality level
    • Virtual private networks (VPNs) for administrative access
    • Application containerization for maximum isolation

    4.2 Organizational Measures

    Personnel Management :

    • Mandatory data protection training for all staff
    • Written confidentiality commitments prior to access
    • Annual security reviews of authorized personnel
    • Access protocol only for personnel with justified need

    Incident Management :

    • Formal security incident response plan
    • Specialized team available 24/7
    • Immediate containment and mitigation procedures
    • Post-forensic analysis for future prevention

    4.3 Security Infrastructure

    Continuous Monitoring :

    • Digital Ocean Monitoring for infrastructure monitoring
    • Specialized observability tools for legal data
    • Automatic alerts for performance and security events
    • Centralized log system with behavioral analysis

    Network Protection :

    • Digital Ocean CDN for perimeter optimization and protection
    • Specifically configured web application firewalls
    • Intrusion detection and prevention systems (IDS/IPS)
    • Behavioral analysis for anomaly detection in Frankfurt

    5. INTERNATIONAL TRANSFERS

    5.1 Data Residency Policy

    Europa First Mode (Recommended) :

    • Primary Storage : Digital Ocean Frankfurt (Germany)
    • Transcription : AssemblyAI Dublin (Ireland) via EU endpoint
    • AI Analysis : Anthropic/OpenAI with European residency when available
    • Guarantee : 100% configurable European processing

    5.2 Guarantees for Transfers (when applicable)

    Standard Contractual Clauses :

    • Application of SCCs approved by Commission Decision 2021/914
    • Transfer Impact Assessment (TIA)
    • Additional technical measures according to EDPB recommendations

    Specific Sub-Managers :

    Sub-manager

    Location Data

    Applied Guarantees

    Services

    Digital Ocean

    Frankfurt, DE

    EU + CCT Residence

    Main hosting

    AssemblyAI

    Dublin, IE

    Endpoint UE + CCT + SOC 2

    Transcription

    Anthropic PBC

    Variable

    CCT + EU Residency available

    AI Analysis

    OpenAI Ireland

    Variable

    CCT + EU Residence + DPF

    AI Processing

    MongoDB Atlas

    Frankfurt, DE

    Guaranteed EU residency

    Database

    6. OPERATING PROCEDURES

    6.1 Notification of Security Violations

    Notification Period : Maximum 24 hours from knowledge of the incident

    Mandatory Information :

    • Detailed description of the nature of the violation
    • Categories and approximate number of affected stakeholders
    • Record of compromised personal data
    • Name and contact of the DPO or point of contact
    • Foreseeable consequences of rape
    • Measures taken or proposed for remedy
    • Actions to mitigate negative effects

    Communication Channel : dpo@leonardo-legal.ai with copy to soporte@leonardo-legal.ai

    6.2 Exercise of Rights

    Procedure :

    1. Reception : Leonardo Legal AI receives request to exercise rights
    2. Immediate forwarding : Transfer to the Client within a maximum of 24 hours
    3. Assistance : Collaboration in the response within legal deadlines
    4. Documentation : Maintaining a record of all applications

    Specific Rights Supported :

    • Access : Providing information on treatments performed
    • Rectification : Correction of inaccurate data in systems
    • Deletion : Immediate deletion upon request
    • Limitation : Restriction of processing on request
    • Portability : Export in standard structured formats
    • Opposition : Cessation of processing when there is no legal basis

    6.3 Return and Deletion of Data

    At the end of the payment contract :

    Phase 1 - Transition to Trial Mode :

    • Full data preservation through continuous access
    • Limitation of new features according to the Trial plan
    • Maintaining a complete history of interactions

    Phase 2 - Grace Period (12 months) :

    • Data retained as long as the account is considered "active"
    • Inactive Account: No login for 12 consecutive months
    • Read-only access for history query

    Phase 3 - Elimination Process :

    • Prior notification : 30 days before final disposal
    • Address : Email registered in the Client's account
    • Reactivation possible : Login interrupts deletion process
    • Final Deletion : Secure and certified deletion of all data

    Deletion on Request :

    • Available at any time during the term of the contract
    • Immediate execution within 5 working days
    • Certificate of Disposal provided to the Customer
    • Retention only for legal liabilities during limitation periods

    7. SUBCONTRACTING

    7.1 General Authorization

    The Client authorizes Leonardo Legal AI to subcontract services with the providers listed in Annex II, Section 5.2, under the following conditions:

    • Due diligence : Selection of subcontractors with sufficient guarantees
    • Binding Contract : Same obligations as the Principal Manager
    • Joint liability : Leonardo Legal AI is liable for the actions of subcontractors
    • Continuous monitoring : Monitoring regulatory compliance

    7.2 New Subcontractors

    To incorporate new sub-managers:

    • Prior notice : 30 days in advance
    • Detailed information : Services, location, guarantees applied
    • Right of opposition : Client can object within 15 days
    • Alternative resolution : Search for technical alternatives if there is opposition

    8. OBLIGATIONS OF THE DATA CONTROLLER

    8.1 Main Obligations of the Client

    Data Guarantees :

    • Confirm appropriate legal basis for all data processed
    • Check rights to processed documents (ownership or authorization)
    • Guarantee prior information to interested parties in accordance with Arts. 13-14 GDPR
    • Maintain an updated record of the legal bases applied

    Supervision of the Order :

    • Monitor regulatory compliance of the Manager
    • Conduct annual audits with 60 days' notice
    • Provide clear, written instructions when necessary
    • Assess the need for impact assessments (EIPD)

    Rights Management :

    • Respond to the exercise of rights within legal deadlines
    • Coordinate with Leonardo Legal AI to facilitate responses
    • Maintain effective communication channels with stakeholders

    8.2 Treatment Instructions

    The instructions for treatment are contained in:

    • The specific functionalities of each Leonardo tool
    • The configurations selected by the Client on the platform
    • Any additional instructions provided in writing

    Additional Instructions : Any instructions not contemplated in this DPA must:

    • Be provided in writing
    • Clearly specify the purpose and authorized operations
    • Staying within the legal framework of the GDPR
    • Be technically feasible according to Leonardo Legal AI infrastructure

    9. SECURITY MEASURES IMPLEMENTED

    9.1 Granular Access Controls

    Authentication :

    • Multi-factor authentication (MFA) required for all users
    • Strong password policy (minimum 12 characters, high complexity)
    • Automatically expiring access tokens
    • Monitoring unauthorized access attempts

    Authorization :

    • Role-based access control (RBAC)
    • Principle of least privilege consistently applied
    • Quarterly reviews of access permits
    • Strict segregation between data from different Clients

    9.2 Data Protection

    Advanced Encryption :

    • Data at Rest : AES-256 with keys managed by Digital Ocean Spaces Encryption
    • Data in transit : TLS 1.3 with Perfect Forward Secrecy
    • Backups : Independent encryption with rotating keys in Frankfurt
    • Internal communications : End-to-end encryption between services

    Anonymization and Pseudonymization :

    • Automatic pseudonymization for aggregated statistics
    • K-anonymization techniques for usage analysis
    • Removing direct identifiers from system logs
    • Data masking in development and testing environments

    9.3 Business Continuity

    Backup and Recovery :

    • Encrypted daily incremental backups
    • Real-time replication between multiple UE data centers
    • Documented quarterly recovery tests
    • RTO (Recovery Time Objective): 4 hours
    • RPO (Recovery Point Objective): 1 hour

    Continuity Plan :

    • Documented procedures for service interruptions
    • Redundant infrastructure across multiple availability zones
    • Automatic failover in case of technical failures
    • Proactive communication with clients during incidents

    10. MANAGEMENT OF SECURITY VIOLATIONS

    10.1 Detection and Classification

    Detection Systems :

    • 24/7 monitoring with automatic alerts
    • Behavior analysis with machine learning
    • Multi-source security event correlation
    • Threat intelligence updated daily

    Severity Classification :

    • Criticism : Unauthorized access to Customer data
    • High : Attempt to exfiltrate or modify data
    • Media : Anomalies in access patterns
    • Low : Security events with no data impact

    10.2 Response Protocol

    Immediate (0-1 hour) :

    • Automatic threat containment
    • Activation of the incident response team
    • Preservation of forensic evidence
    • Initial impact assessment

    Short Term (1-24 hours) :

    • Formal notification to the Client if there is an impact on their data
    • Detailed root cause investigation
    • Implementation of corrective measures
    • Communication with authorities if legally required

    Medium Term (24-72 hours) :

    • Detailed incident report
    • Improvement plan to prevent recurrence
    • Update security measures if necessary
    • Impact monitoring and mitigation measures

    11. AUDITS AND COMPLIANCE

    11.1 Audits of the Controller

    Frequency : Maximum one audit per year, except for justified reasons

    Procedure :

    • Written request 60 days in advance
    • Definition of scope and specific objectives
    • Access during business hours with technical staff present
    • Report of findings within 30 days of completion

    Limitations :

    • Respect for trade secrets in accordance with Law 1/2019
    • No interference with critical operations of other Clients
    • Absolute confidentiality of third-party information
    • Cost of external audits assumed by the Client

    11.2 Certifications and Compliance

    Current Certifications :

    • Leonardo Legal AI : ISO 27001:2022 (Information Security Management)
    • Digital Ocean : SOC 2, ISO 27001, PCI DSS, CSA STAR Level 1
    • AssemblyAI : SOC 2 Type II, PCI DSS, GDPR compliance
    • Anthropic : SOC 2, ISO 27001, ISO 42001 (AI Management Systems)

    Infrastructure Certifications :

    • Digital Ocean Amsterdam (AMS3): Tier III+ Certification for Data Centers
    • Compliance with European data protection standards
    • Specific certifications for managed services (MongoDB, Spaces)

    External Audits :

    • Annual security audit by an independent firm
    • Semi-annual pentesting of critical infrastructure
    • GDPR compliance review by a specialized consulting firm
    • Risk assessment of international transfers

    12. DATA PROTECTION OFFICER

    12.1 DPO Contact Information

    Leonardo Legal AI DPO :

    • Email : dpo@leonardolegal.io
    • Address : c/ Henares, 7. Madrid 28002
    • Telephone : [Direct contact number]

    12.2 Functions of the DPO

    • Monitoring compliance with GDPR and national regulations
    • Point of contact with control authorities
    • Advice on impact assessments
    • Staff training and awareness
    • Management of requests for the exercise of rights

    13. DURATION AND TERMINATION OF THE DPA

    13.1 Validity

    This DPA comes into force simultaneously with the main contract and remains in force until:

    • Termination of the main contract for any reason
    • Full compliance with data deletion/return obligations
    • Elapsed retention periods for legal liabilities

    13.2 Post-Termination Obligations

    Immediate Deletion (except for justified legal retention):

    • Deleting data from production systems
    • Deletion of backups containing Customer data
    • Certified destruction of physical media, if any
    • Certificate of Disposal provided to the Customer

    Limited Legal Conservation :

    • Only to meet legal, commercial or administrative responsibilities
    • Data duly blocked in accordance with Art. 32 LOPDGDD
    • Duration limited to legally established limitation periods
    • Access restricted to the minimum essential personnel

    14. DATA PROTECTION RESPONSIBILITY

    14.1 Responsibility of the Manager

    Leonardo Legal AI will be liable as Data Controller if:

    • Uses data for unauthorized purposes
    • Communicates data without the Client's authorization
    • Fails to comply with express instructions from the Controller
    • Processes data outside the scope of this DPA

    14.2 Coordination in Sanctioning Procedures

    Immediate Notification : The Client shall inform Leonardo Legal AI of any:

    • Sanctioning procedure initiated by AEPD or other authority
    • Claim from interested parties related to the treatment
    • Request for information from competent authorities

    Coordinated Defense :

    • Leonardo Legal AI will assume legal defense in its area of responsibility
    • Close coordination preserving the Client's image and reputation
    • Transparent information on measures taken
    • Assumption of costs arising from own non-compliance

    15. FINAL PROVISIONS OF THE DPA

    15.1 Prevalence

    In the event of a conflict between this DPA and the main contract, the data protection provisions of this DPA shall prevail.

    15.2 Modifications

    This DPA can only be modified:

    • By express written agreement of both parties
    • To adapt to regulatory changes that may arise
    • At the request of competent authorities

    15.3 Specific Jurisdiction

    For specific data protection disputes:

    • Applicable law : GDPR + LOPDGDD + Spanish regulations
    • Jurisdiction : Courts of Barcelona with specific jurisdiction
    • Supervisory Authority : Spanish Data Protection Agency (AEPD)

    ACCEPTANCE

    By using Leonardo Legal AI services, the Client declares:

    • Have read and fully understood these terms and the DPA
    • Have legal capacity to contract
    • Act in the exercise of professional activity
    • Accept all the established conditions
    • Recognize your role as Data Controller

    Effective Date : September 1, 2025
    Last Updated : September 1, 2025

    For questions about these terms or the DPA, please contact our legal team at legal@leonardo-legal.ai or our DPO at dpo@leonardolegal.io

     

    Imprint

    Imprint
    Scriptum AI Technology SL
    Calle Henares 7
    28002 Madrid


    Represented by: Isabel Anguera

    Contact:
    Phone: (+34) 607902266
    Email: info@leonardolegal.io
    VAT ID:
    VAT identification number according to Section 27a of the Sales Tax Law: NIF: B19399211

    Consumer Dispute Resolution/Universal Arbitration Board
    We are neither willing nor obliged to participate in dispute resolution proceedings before a
    consumer arbitration board.


    Source: https://www.e-recht24.de