The GDPR Explained

The European Union’s General Data Protection Regulation (GDPR) is a privacy law that mandates standards on companies that store or process the personal data of EU residents.

GDPR enables individuals to provide great transparency into how their data is stored, processed, deleted, and used, and becomes effective on May 25, 2018.  It applies to all businesses that hold any information of individuals located within the EU.

For more information about the GDPR, please click here.

CosmoLex & GDPR Obligations

CosmoLex is supportive of the new regulations. As a leading provider of law practice management product, CosmoLex has been on the forefront of data security standards for legal service providers.

Technical and Organizational Measures

CosmoLex’s data security measures, policies, and practices ensure that the data processed on behalf of our customers is well-protected and in line with the requirements of the GDPR.  A big part of the GDPR covers an individual’s data rights, which we support, including but not limited to:

  • Data portability on demand
  • Data destruction
  • Data protection by design and by default

We’re also continuing to improve our network monitoring and update our breach procedures per the GDPR guidelines. We’re documenting how all of our data is collected, where it is stored, and how it is used.

Additional Information

To request a Data Processing Agreement for CosmoLex Cloud, LLC acting as a data processor, please email

CosmoLex’s Privacy Policy is available here.

CosmoLex’s Terms of Service is available here.