Security & Privacy
Your invention is your most valuable asset. Here's how we protect it.
Encryption at Rest
All sensitive invention data is encrypted using AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode). This is the same encryption standard used by banks, government agencies, and military systems worldwide.
What's encrypted:
- Your invention descriptions and concepts
- All chat messages with our AI
- Uploaded documents and extracted text
- Generated patent application content
- Patent figure descriptions and prompts
- Revision requests and responses
Even if someone gained unauthorized access to our database, they would only see encrypted ciphertext - completely unreadable without the encryption keys.
Per-Application Encryption Keys
We don't use a single encryption key for all data. Instead, each patent application you create has its own unique encryption key (called a Data Encryption Key or DEK).
This means that even in the unlikely event one key were compromised, your other inventions would remain protected. It's like having a separate lock for each safe deposit box, rather than one master key.
Key security:
- Keys are never stored in plaintext
- Each DEK is encrypted with a master key stored separately
- Random initialization vectors (IVs) prevent pattern analysis
- Authentication tags detect any tampering attempts
Zero Human Access
No human being at PatentProviso can read your invention details. We've architected our system with this as a fundamental principle, not just a policy.
Your invention content is encrypted before it's stored and only decrypted when you access it. Our employees don't have the keys to decrypt your data. We can see metadata (like application status, timestamps, and usage patterns) for support and operational purposes, but never your actual invention content.
This isn't just about trust - it's about technical impossibility. We literally cannot access your invention details even if we wanted to.
No AI Training on Your Data
We use Anthropic's Claude AI to help draft your patent applications. A common concern with AI services is whether your data will be used to train future models.
Your data is never used for AI training. We have enterprise data processing agreements with Anthropic that explicitly prohibit using your content for model training or improvement. When Claude processes your invention, it generates your patent application and then has no memory of the conversation.
Your invention ideas don't become part of some AI's knowledge base. They stay yours.
Infrastructure Security
Beyond encryption, we employ multiple layers of infrastructure security:
- Encryption in Transit: All data transmitted between your browser and our servers uses TLS 1.3 encryption.
- Row Level Security: Database access controls ensure you can only access your own data - enforced at the database level, not just application code.
- Secure Authentication: We use Supabase Auth with support for Google OAuth and secure session management.
- Payment Security: Payments are processed by Stripe. We never see or store your credit card information.
You Own Your Intellectual Property
Let's be crystal clear: we claim zero rights to your inventions.
PatentProviso is a tool. When you use a word processor to write a novel, the word processor company doesn't own your novel. Similarly, we have no ownership interest, license, or claim to any invention you develop or patent application you create using our service.
Your intellectual property is 100% yours. Period.
Data Deletion
You have complete control over your data:
- Delete individual applications: Remove any application and all its associated data at any time.
- Delete your account: Request complete account deletion and we'll remove all your data.
- Permanent removal: Deleted data is permanently purged from our systems within 30 days, including all backups.
Questions?
We take security seriously and are happy to answer any questions about how we protect your invention data.
Contact us at ambitionworx@gmail.com