Sovereign by design.
For public bodies, tribunals, and regulated institutions that cannot compromise on where their data lives or who can reach it: your region, your keys, and in-boundary AI inside a single-tenant cluster — up to and including air-gapped.
Real sovereignty, not a checkbox.
The guarantees that distinguish sovereign from “hosted in a nearby region.”
Canadian-owned & operated
LexSteward is an Ontario company — not a US-headquartered vendor. That means we aren’t compellable under the US CLOUD Act the way US providers are; a demand for your data would have to go the slower route, through Canadian courts under Canadian law.
You hold the key
Bring-your-own-KMS: your encryption key lives in your control. The result is true zero-knowledge — we become technically unable to read your protected content.
Residency all the way down
Your data region is fixed at signup and holds through every copy, including backups. Canadian data stays on Canadian soil.
No US operator in the path
Deployed customer-operated with your own keys, no US-jurisdiction provider holds the keys or the access — so a US CLOUD Act demand reaches, at most, encrypted data no one in the US can read.
AI inside the cluster
In-boundary AI runs within your sovereign environment. No client or case data ever leaves it — not to us, not to any model vendor.
What real sovereignty requires.
We’re specific about this on purpose. Sovereignty is a property of how a deployment is operated and who holds the keys — not of a hardware brand or a Canadian postal code. It holds when all of these are true:
“Sovereign” means outside US reach — Canadian lawful access and PIPEDA still apply, and it isn’t immunity from all government. We map every claim to your specific deployment and confirm it with counsel before we make it. Residency on our standard cloud tiers keeps your data in-region, but sovereignty in this full sense is the dedicated, customer-operated deployment described here.
Deploy it where your rules require.
The same platform, in the posture your mandate demands.
Sovereign, on-prem, and air-gapped deployments are delivered with our infrastructure partners and scoped per engagement. Timelines and available certifications are confirmed during procurement.
Assurance & procurement.
Compliance, honestly stated
SOC 2 and sector frameworks (HIPAA / PIPEDA as relevant) are on our roadmap. We will never claim a certification we haven’t earned.
Provable confidentiality
Generate a confidentiality report for any matter: routing metadata, model used, opt-in log, and a signed boundary assertion.
Audit everywhere
Comprehensive audit trails across access, actions, and AI routing — the evidence public-sector oversight requires.
Enterprise SLAs & support
Tiered support and service levels, backed by our infrastructure partners, sized to your obligations.
Built for procurement. Per-seat or per-node licensing, contracting through our infrastructure partners where required, and enterprise SLAs — the terms public-sector and regulated buyers expect.
Start a sovereign scoping conversation.
Tell us your residency, security, and procurement requirements. We’ll design a deployment that meets them — and be candid about what’s available today versus on the roadmap.