Nectos logo
Back to Resources
Use Case

How Swiss law firms use AI knowledge bases without violating client confidentiality

AI-powered knowledge bases can transform legal research and document retrieval. But for Swiss lawyers, the question is always: where does the data go?

Adopt-AI SA 2026-01-05 6 min

The opportunity: transforming legal knowledge management

A law firm accumulates, over the years, a considerable wealth of knowledge: legal memos, case law analysis, template contracts, expert opinions, case notes. This wealth is often fragmented, difficult to access, and its value diminishes over time if no one can find and use it.

AI knowledge bases change this equation. They allow accumulated knowledge to become instantly queryable in natural language: "What are our precedents on non-compete clauses in Geneva employment contracts?" or "Summarize our usual position on director liability in bankruptcy."

For a Swiss firm, the productivity gains are real. But the immediate question is: can this be done while respecting lawyer professional secrecy?

The Swiss legal framework for lawyers

Article 321 of the Swiss Criminal Code protects lawyer professional secrecy. This protection is absolute: it covers all information entrusted by the client in the context of the lawyer-client relationship.

Violation of professional secrecy is a criminal offense.

When an AI knowledge base violates professional secrecy

An AI knowledge base that processes data on foreign servers, allows third-party access to stored data, or uses client data to train its models creates real legal risk.

How to build a compliant knowledge base

Principle 1: Data remains under the firm's exclusive control.

Principle 2: Exclusively Swiss processing — complete chain, not just storage.

Principle 3: Contractual non-training commitment — explicit in the DPA.

Principle 4: Segmentation by confidentiality level.

How Nectos meets these requirements

  • Exclusive control: Only your firm's authorized users can access Nectos knowledge bases.
  • Switzerland only: Processing and storage exclusively on Hidora SA infrastructure.
  • Contractual non-training: Written into the Terms of Service and DPA.
  • Segmentation: Each knowledge base is a separate space with its own access controls.
  • Prompt anonymization: Optional feature that detects and masks personal information in queries before processing.

AI knowledge bases are not incompatible with Swiss professional secrecy. They become so only when poorly configured — with a foreign provider, without an adequate DPA, without a non-training guarantee.

Related articles

Sovereignty

Why your AI assistant should never leave Switzerland

Read
Compliance

The Swiss nDSG and AI: what every organization needs to know

Read
Finance

AI and banking secrecy: navigating the tension

Read

Ready to try Nectos?

The sovereign AI workspace built for Switzerland.

Choose Plan