AI Review: Data Protection and Responsible Use Guide

AI Review helps users:

AI Review is currently available in our Microsoft Word plugin and will soon be available in Juro’s browser-based editor, too. AI Review assists with contract review. It doesn’t make decisions on behalf of users, provide legal advice, or apply changes without human approval.

AI Review only processes data when a review is run.

Depending on the review, the data processed may include:

When a user runs AI Review:

All redlines and comments generated by AI Review are proposed only. Users must review and approve them before making any changes to a contract.

AI Review uses a combination of large language models to perform different tasks throughout the review process, including:

Customer content is used only to generate the requested output, and is not used to train or fine-tune any third-party AI models.

Juro may develop customer-specific models in the future to better tailor outputs. But we won’t do that in a way that trains any third-party model or shares data across customers or model providers.

As of January 2026, AI Review uses the following large language models for specific tasks within the review workflow:

Model selection may change over time as we evaluate performance, reliability and security, but all models are subject to the same data protection and confidentiality requirements described in this guide.

Changes to the models or hosting platforms used by AI Review won’t affect how we protect customer data, and remain subject to Juro’s contractual and data protection commitments to each customer.

Juro does not retain customer data submitted to AI Review for model training or improvement. Operational logs may be retained for security, reliability, and audit purposes in line with Juro’s standard logging practices, but do not include contract content beyond what is necessary to provide the service.

Customer data processed as part of AI Review is not retained by any third-party AI model providers beyond the duration required to generate the requested output.

Outputs generated by AI Review and accepted by the user are stored in Juro in the same way as other contract content, and can be retained or deleted by users in accordance with their workspace permissions.

AI Review operates within Juro’s existing strict security framework, including:

Access to AI Review is limited to authorized users within the relevant workspace.

Juro personnel do not access customer contract data submitted to AI Review, unless the user chooses to provide feedback on a specific AI Review suggestion, or where necessary to provide support or comply with legal obligations (and this access is logged and restricted).

AI Review is available to customers where it is included in their subscription.

Customers control:

AI Review does not automatically modify contracts without user action.

AI Review outputs depend in part on the quality and specificity of the customer’s playbook rules.

While we continuously test, monitor, and improve AI Review (including reassessing performance as new models become available), AI-generated outputs may not identify every issue or reflect all drafting preferences.

Users should always review AI Review outputs before relying on them. AI Review is not intended to be relied on as the sole basis for legal or contractual decision-making. Responsibility for decisions made using AI Review outputs remains with the customer.

AI Review is designed with data protection principles at its core and works within Juro’s existing data protection and compliance framework.

AI Review applies core data protection principles, including:

Customer data submitted to AI Review is not used for general model training or benchmarking and remains confidential to you, the customer.

Roles and responsibilities

For AI Review, Juro is a processor on behalf of its customers of any personal data processed. Customers remain the controller for personal data comprised in the contract data and playbook content they choose to submit for review.

Processing of personal data via AI Review is governed by Juro’s data processing agreement.

AI Review uses third-party large language models hosted on major cloud platforms, including Google Cloud Platform (for Gemini models) and Amazon Web Services via Amazon Bedrock (for other supported models).

Juro controls access to and configuration of the environments in which AI Review runs, and applies the same access controls and monitoring used across the rest of the Juro platform. Customer data is processed only for the purpose of generating the requested output and is not retained, reused, or used to train models by the model providers.

Automated decision-making

AI Review does not perform automated decision-making that produces legal or similarly significant effects without human involvement. All outputs generated by AI Review (including redlines and comments) are suggestions and require user review and approval before they are applied.

International data transfers

Where personal data is transferred internationally as part of providing AI Review, those transfers are handled in accordance with Juro’s existing data transfer safeguards, including appropriate contractual protections. For more information, see our privacy policy.

Regulatory alignment

AI Review is designed to support you in meeting your compliance with applicable data protection laws, including the UK GDPR and EU GDPR.

In particular:

Juro continues to monitor regulatory developments relating to data protection and artificial intelligence, to ensure close alignment as our AI capabilities develop over time.

We continue to review and improve AI Review as AI technology, customer need,s and regulatory expectations evolve. Where we make material changes to how AI Review processes customer data (for example, by onboarding new technology partners with access to your data), we’ll keep customers informed.