Security & Privacy — LG Consultants, LLC

Architecture

How Our Tools Handle Your Documents

Understanding where your data goes — and where it doesn't — is fundamental to evaluating any tool you use for sensitive legal work. Here is exactly how LinguaGnosis™ and our translation tools process your information.

🖥️

Documents Stay in Your Browser

When you upload a document to LinguaGnosis™ for QA review or analysis, the text is processed entirely within your browser. It is never transmitted to or stored on LG Consultants servers.

✓ No server upload

🗄️

No Database. No Storage.

LG Consultants does not operate a backend database. No client names, document content, case details, or personally identifiable information is stored after your session ends.

✓ Zero data retention

💳

Secure Payment Processing

Instant purchases (translation quotes) are processed via Stripe (PCI DSS Level 1 certified) — LG Consultants never sees or stores your card number or CVV. Invoiced projects and retainers are billed through Bill.com, the industry-standard B2B payment platform. We never handle raw card data.

✓ Stripe PCI DSS Level 1 · Bill.com

🔒

All Traffic Encrypted

Every connection to lgconsultants.co is encrypted with HTTPS/TLS. Our hosting provider, Netlify, enforces HTTPS on all requests and holds SOC 2 Type II certification for its infrastructure.

✓ SOC 2 Type II (Netlify)

Plain-language summary for your clients: Uploading a document to LinguaGnosis™ is like opening it in Microsoft Word on your own computer. The file is read by your browser. Nothing is sent to our servers. When you close the session, it's gone.

Transparency

Third-Party Services We Use

When you use the translation feature (auto-translate a document), text is sent to one of the following translation APIs based on your configured settings. We disclose this clearly so you can make informed decisions about which service you authorize for your documents.

Service	What It Receives	Certification	Privacy Policy
DeepL API (Tier 1 — Recommended)	Source text for translation	GDPR compliant · ISO 27001 · Data not used for training (Pro plan)	deepl.com/privacy →
MyMemory (Tier 2 — Free fallback)	Source text for translation	GDPR compliant	mymemory.translated.net →
LibreTranslate (Tier 3 — Open source)	Source text for translation	Open source · Self-hostable for maximum privacy	libretranslate.com →
Stripe (Instant Purchases)	Payment data only — never document content	PCI DSS Level 1 · SOC 2 Type II · GDPR	stripe.com/privacy →
Bill.com (Invoiced Projects)	Invoice delivery and payment for project-based work	SOC 1 Type II · SOC 2 Type II · PCI DSS	bill.com/privacy →
Netlify (Hosting)	Standard web traffic logs (IP, browser, timestamps)	SOC 2 Type II · GDPR	netlify.com/privacy →

Recommendation for highly sensitive legal documents: For maximum confidentiality, use DeepL's Pro plan (which contractually prohibits use of your text for model training) or deploy a self-hosted LibreTranslate instance. LinguaGnosis™ supports both. Contact info@lgconsultants.co for setup guidance.

Our Commitments

What We Will Never Do

✓
Sell or share your data. LG Consultants does not sell, rent, or share client data with any third party for marketing or commercial purposes.
✓
Store your documents. Document content processed through LinguaGnosis™ is never written to any LG Consultants database, server, or file system.
✓
Store your payment information. We never handle, store, or transmit raw card data. Instant purchases are processed via Stripe; invoiced projects are billed through Bill.com. Neither processor shares financial credentials with LG Consultants.
✓
Access your translation API keys. API keys you enter in LinguaGnosis™ are stored only in your browser's local storage. They are never sent to LG Consultants servers.
✓
Use your content to train AI models. LG Consultants does not use any client document content for machine learning, model training, or product improvement purposes.

Certification Status

Current Security Posture

LG Consultants is an independent professional services firm. Below is an honest disclosure of our current certifications and testing status. We are committed to expanding our formal certifications as the business scales.

✓
HTTPS / TLS encryption — SSL Labs A+ — The highest possible SSL Labs rating. Certificate, Protocol Support, Key Exchange, and Cipher Strength all scored in the top tier. Independently verified May 6, 2026. Run live scan →
✓
Security Headers — Mozilla Observatory B+ — HTTP security headers active on all pages: HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, and Content Security Policy. Score: 80/100, 9 of 10 tests passed. Verified May 6, 2026. Run live scan →
✓
Malware-free / Not Blacklisted — Scanned via Sucuri SiteCheck May 6, 2026. No malware detected. Not blacklisted across 9 blacklist databases (Google Safe Browsing, Norton, McAfee, and others). View scan →
✓
Stripe PCI DSS Level 1 — Instant-purchase payment processor certification. All card transactions processed by Stripe. No card data touches LG Consultants infrastructure. stripe.com → · Invoiced projects delivered via Bill.com (SOC 2 Type II · PCI DSS).
✓
Netlify SOC 2 Type II — Hosting infrastructure independently audited. Verified at netlify.com/security →
○
Independent penetration test — Scheduled Q3 2026. Results will be published on this page upon completion.
○
SOC 2 Type II (LG Consultants) — Planned as client base reaches enterprise scale. Estimated 2027.
○
FedRAMP / Government authorization — Not applicable to current service model (private legal translation). Will be evaluated if federal agency contracts are pursued.

Note for enterprise clients: If your organization requires specific security documentation — a vendor questionnaire, a data processing agreement (DPA), or a custom security review — please contact us directly. We are happy to provide documentation appropriate to your compliance requirements.

Official Statement

Security & Privacy Disclosure

LG Consultants, LLC — Security & Data Handling Statement

LG Consultants, LLC operates lgconsultants.co and the LinguaGnosis™ platform as a professional translation quality and language services firm. This statement reflects our data handling practices as of May 2026.

Document Processing: Documents submitted through LinguaGnosis™ for quality review, QA analysis, or certificate generation are processed locally within the user's web browser. No document content is transmitted to or retained on LG Consultants infrastructure. When the translation feature is used, text is transmitted directly from the user's browser to the selected third-party translation API (DeepL, MyMemory, or LibreTranslate) under that service's applicable terms.

Payment Processing: Instant purchases are processed via Stripe, Inc. (PCI DSS Level 1 certified). Project-based invoices are issued through Bill.com (SOC 2 Type II, PCI DSS certified). LG Consultants does not collect, process, or store payment card data through either processor.

Infrastructure: lgconsultants.co is hosted on Netlify, Inc. (SOC 2 Type II certified). All connections are encrypted via HTTPS/TLS. No backend database stores client-submitted information.

Data Retention: LG Consultants retains no client document content, personally identifiable information, or session data beyond what is stored in the user's own browser. Business records (invoices, correspondence) are retained in accordance with standard professional services practices.

Last updated: May 2026 · Questions: info@lgconsultants.co

Responsible Disclosure

Found a Security Issue?

If you believe you have identified a security vulnerability in our tools or website, please contact us directly. We take all reports seriously and commit to responding within 48 hours.

Security Contact

Send your report to our security contact. Please include a description of the vulnerability, steps to reproduce, and your contact information.

Report a Security Issue →

We do not have a formal bug bounty program at this time. We appreciate responsible disclosure.

Your Documents Are Safe With Us