Professional secrecy is non-negotiable. So is your IT stack.
Cybersecurity, secure data rooms, jurisprudence RAG and business apps for Swiss law firms. FADP, art. 321 SCC (professional secrecy) and file archiving compliance. Geneva, Lausanne, Zurich.
What a law firm faces with IT in 2026
Between innovation pressure from clients and intransigent professional secrecy.
Firm email hosted on Google or Microsoft
Art. 321 SCC criminalizes breach of professional secrecy. If your client correspondence transits Gmail or Outlook 365, you are de facto transmitting to a US third party. Recent Swiss rulings recall this.
No data room to exchange with clients
Clients send you confidential PDFs via WeTransfer or Dropbox. Any leak exposes you to a disciplinary complaint and damages. A professional data room hosted in Switzerland costs less than one incident.
Time-consuming jurisprudence research
Your lawyers spend 6-8h per case searching swisslex, jurivoc and your archives. A RAG on your archive + Federal Tribunal + cantonal laws divides this time by 3.
ChatGPT used behind your back by associates
Junior lawyers use ChatGPT to draft pleadings - unaware they're sending sensitive facts to OpenAI. Without an internal solution, the risk is real. An on-premise LLM eliminates it.
What we do for law firms
Aligned with art. 321 SCC, FADP and the confidentiality culture of a firm.
Law firm cybersecurity audit
Full audit: encrypted email (S/MIME, PGP), hardware MFA, network segmentation, endpoint posture, document classification, art. 321 SCC compliance. From CHF 4,000.
Data room & sovereign cloud
Encrypted Swiss-hosted data room to exchange with clients. Integration with your case management (Hexagon, Tilkee, Aurelia). FADP compliant.
Jurisprudence RAG + on-premise LLM
A fully local ChatGPT-like trained on your archives + Federal Tribunal + cantonal laws. Your data never leaves. Sourced answers.
Business apps & case management
Case tracking, automatic time tracking, hourly billing, legal file archiving (canton-dependent). Integrated with your mail system.
Our method - battle-tested on Swiss ground
Four pragmatic steps. No fluff, no slide-ware.
48h diagnostic
Targeted audit: interviews, read-only access, technical review. You leave with a written assessment and 3 quick-wins to action immediately.
Priced action plan
3-12 month roadmap, prioritized by risk and ROI. Transparent price ranges. We tell you what can wait - and what cannot.
Delivery
Our team ships in short sprints. You validate at each step. The code, infrastructure and procedures belong to you.
Run & continuous improvement
Maintenance, supervision, regular security reviews. We remain your Swiss point of contact, with no offshore hotline.
100% Swiss stack & partners
Tech sovereignty: everything we deploy stays auditable and hosted in Switzerland.
Hosting
Infomaniak (Geneva, Zurich), Exoscale, OVHcloud Geneva - ISO 27001, Swiss datacenters.
Cybersecurity
Wazuh SIEM, Suricata IDS, WireGuard VPN, YubiKey FIDO2, Authelia, Vault.
On-prem AI
Ollama, Mistral, vLLM, Qdrant RAG, Flowise, n8n MCP - LLMs with zero data leakage.
Dev & business
React 19, TypeScript, Python/FastAPI, PostgreSQL, Docker. Hexagonal architecture.
FAQ - Law firms
Professional secrecy doesn't wait.
Is Microsoft 365 compatible with art. 321 SCC?
Strictly speaking, no. Emails and documents stored on Microsoft 365 (Outlook, OneDrive, Teams) transit European datacenters but under US governance (CLOUD Act). Recent cantonal legal opinions recommend sovereign Swiss hosting for confidential firm mail.
How to secure ChatGPT use in a law firm?
Three options: (1) ban public ChatGPT and deploy an on-premise LLM (Ollama, Mistral) on a Swiss server, (2) use Azure OpenAI with a private instance hosted in Switzerland (Switzerland North zone), (3) sign an enterprise contract with OpenAI excluding training on your data. We recommend option 1 for professional secrecy.
How much does a pentest cost for a law firm?
Between CHF 5,000 and 18,000 depending on scope. For a 10-30 lawyer firm: internal pentest (workstations + file server + email), external pentest (website + remote access), simulated phishing. Duration 5-10 days. Prioritized report.
How to protect a law firm from ransomware?
Six layers: (1) tested off-site backups (3-2-1), (2) mandatory hardware MFA (FIDO2 keys), (3) EDR on all endpoints, (4) network segmentation, (5) quarterly phishing training, (6) written incident response plan + hotline. All for CHF 10-25k/year depending on size.
Is an outsourced DPO needed for a law firm?
FADP requires a DPO for large-scale processing of sensitive data. A firm handling criminal, medical or succession cases is concerned. An outsourced vCISO (combining cybersecurity + DPO) costs CHF 2,000-6,000/month depending on engagement (0.5 to 2 days/month).
How much does a secure data room cost for a firm?
CHF 150-400/month per firm depending on volume. Swiss hosting, end-to-end encryption, full audit trail, integration with your mail. Heavily used for M&A, due diligence and estate transmissions.
Le Dahu services for this sector
All our services adapt to your business and constraints.
Pricing ranges - law firms
Indicative ranges for 2026. Personalized quote in 48h after a call. VAT excluded.
Free firm audit - 30 minutes to scope.
Confidential exchange with a cyber+legal expert. No commitment, NDA if needed.
Book the call