๐Ÿ›ก๏ธ Trust & Security

Your client's inventions
are sacred.

Patent attorneys handle some of the most commercially sensitive documents that exist. eety.ai was designed from day one around a single principle: your data belongs to you, and only you.

โœ“ GDPR Compliant โœ“ AES-256 Encrypted โœ“ Zero AI Training โœ“ Tamper-Proof Audit
All systems operational
ยท Last updated: April 2026
Digital vault representing secure storage of confidential patent data
The Four Pillars

Everything we do, rests on these commitments.

We'll explain each in plain English โ€” no technical jargon โ€” because you deserve to understand exactly how your work is protected.

๐Ÿ”

Encrypted Everywhere

Your disclosures travel over the internet locked in military-grade encryption. At rest in our database โ€” same story. Nobody can read them but you.
๐Ÿข

Completely Isolated

Your firm's data is in a walled-off environment. It is architecturally impossible for another firm's attorney to see your matters, drafts, or disclosures.
๐Ÿค

Never Used for AI Training

Your invention disclosures are never fed back to train AI models โ€” ours or anyone else's. This is contractually guaranteed, not just a policy.
๐Ÿ“‹

Full Accountability

Every action โ€” every AI generation, every edit, every upload โ€” is permanently and immutably logged. You always know exactly what happened and who did it.
Data Flow Architecture

Where does your disclosure actually go?

This is the journey your confidential invention disclosure takes from the moment you upload it. We've designed every step so that only you โ€” and no one else โ€” ever has access to it.

1

You upload your disclosure

Your PDF, Word document, or images leave your browser through a TLS 1.3 encrypted tunnel โ€” the same technology protecting online banking. No one can intercept it in transit. TLS is enforced at the network layer; plain HTTP connections are automatically rejected.

2

Stored in your private vault

Your file lands in a private, firm-specific storage bucket. There are no public-facing URLs. The only way to retrieve the file is to authenticate as you. It is encrypted with AES-256 at rest.

3

AI receives only the minimum it needs

When the AI drafts a section, it receives a tightly scoped summary derived from your invention model โ€” not your raw disclosure. Think of it like briefing a junior associate verbally, not handing them the whole file.

4

AI discards it immediately after

Once the AI generates a response, that context window is discarded. Nothing is stored by the AI provider, and nothing is retained for training. The output returns to your private environment.

Data flow diagram showing encrypted path from lawyer to eety.ai to private database, with isolated AI engine

Your data never crosses into another firm's environment at any stage.

Diagram showing that Your Firm, Other Firm A, and Other Firm B are completely isolated and cannot cross-access each other's data

"Your Firm" exists in a sealed environment. Other firms cannot see in, and you cannot see out.

Firm Isolation

Your work is
invisible to everyone else.

eety.ai serves hundreds of firms. But each firm operates inside its own walled environment. This isn't a setting you have to turn on โ€” it's how the system works at the architectural level.

๐Ÿ”‘

Every request carries your identity

Each time you interact with eety.ai, your request carries a cryptographically signed token that identifies exactly who you are and which firm you belong to. The system only returns data that belongs to that identity.

๐Ÿšง

Database-level separation

Cross-firm data access is blocked at the database query level โ€” not just at the UI level. Even if a bug existed in our interface, a firm's data could not be returned to another firm's session.

๐Ÿ‘๏ธ

No shared storage between firms

Each firm's uploaded files, patent drafts, and style templates are stored in segregated private buckets. There is no common repository, no shared folder, and no mechanism for cross-firm file access.

The Question Every Attorney Asks

"Is my client's invention going to
train your AI?"

No. Full stop. Here's exactly what we mean โ€” and how it's enforced.

Illustration showing a prohibition sign over AI brain, with patent document protected by a shield labeled Never Trains On Your IP
โœ“

Contractually protected, not just policy

We use enterprise-tier agreements with our AI providers (including Google) that contractually prohibit the use of API-submitted content for training their models. This is a legal obligation for them, not a setting we choose.

โœ“

We never send your raw disclosure to AI

We extract only a structured, scoped summary of your invention and send that to the AI โ€” not your original file. Your client's full disclosure never leaves our secure environment.

โœ“

The AI forgets immediately after

Every generation request is stateless. Once the AI returns its response to eety.ai, that context is discarded. There is no persistent memory of your content on the AI provider's infrastructure.

In plain English: When you draft a patent application in eety.ai, that invention's details are not shared with the world, not used to improve AI for your competitors, and not stored outside your secure environment. It's treated the same way you would expect a sworn paralegal to treat it.

Accountability

A complete, permanent record
of everything that happened.

Attorneys have professional obligations around file management. eety.ai's audit trail means you'll never be in a position where you can't answer "who did what, and when?"

๐Ÿ•

Precise timestamps on every action

Every upload, AI generation, edit, and export is recorded to the second.

๐Ÿ‘ค

Clear attribution by individual

Know exactly which attorney or associate performed each action โ€” no ambiguity.

๐Ÿ”’

Tamper-proof โ€” cannot be retroactively changed

The audit trail is write-once. No one โ€” including us โ€” can alter or delete a log entry.

๐ŸŽญ

Distinguishes AI actions from human actions

The log shows exactly where AI contributed and what a human attorney then modified or approved.

Illustration of tamper-proof audit trail showing timestamped entries: Draft uploaded, Claims edited, AI generated description โ€” with attorney balance scale icon

A permanent, tamper-proof log of every action. Your compliance record, automatically maintained.

Diagram showing three-layered backup system: daily backups, point-in-time recovery, and geo-redundant storage โ€” all protecting your data with a central shield
Data Resilience

Your work is never
at risk of being lost.

Hardware fails. Software has bugs. Natural disasters happen. We've built three independent safety nets so your client's patent drafts survive anything.

๐Ÿ“…

Daily encrypted backups

Every day, a complete snapshot of your data is encrypted and stored in a separate geographic location. If anything ever goes wrong, we can restore it.

โช

30-day backup retention

Daily encrypted snapshots are retained for 30 days. If something is accidentally overwritten or corrupted, we can restore the database to any snapshot within the past month.

๐ŸŒ

Google Cloud Storage durability

Your files are stored on Google Cloud Storage, which provides high durability across multiple redundant, independent storage systems. File availability does not depend on any single facility.

Technical Specifications

For those who want the specifics.

All the technical details, translated into plain language.

๐Ÿ”’

Encryption in Transit

TLS 1.3 enforced at the network layer. Plain HTTP connections are rejected. All data in transit between your browser and eety.ai is encrypted end-to-end.

TLS 1.3
๐Ÿ’พ

Encryption at Rest

Database, file storage, and all backups are encrypted using AES-256 โ€” the same standard used by the US Government for classified data.

AES-256
๐Ÿช™

Authentication

Short-lived JSON Web Tokens (JWT) with automatic rotation. Sessions expire and renew silently โ€” you won't notice, but unauthorized access can't persist.

JWT Auth
๐Ÿงฑ

Password Storage

Passwords are hashed using bcrypt with a per-user salt. We never store a readable version of your password โ€” not in logs, not in our database.

Bcrypt
๐Ÿ“œ

Regulatory Compliance

Designed to meet GDPR requirements for data handling. In the event of a data breach, we notify affected users within 72 hours as legally required.

GDPR
๐Ÿค–

AI Provider Agreements

Enterprise Data Processing Agreements (DPAs) with AI providers explicitly prohibit training on API-submitted content. Legally binding, not just a settings toggle.

DPA Covered
Attorney FAQ

Questions we hear from attorneys every day.

Can my opposing counsel or anyone else at another firm see my drafts?

No. Each firm operates in a completely isolated environment. Another firm's attorney cannot access, search, or even know about your matters. This isolation exists at the database level โ€” it is not a permission setting that could be misconfigured.

Does eety.ai use my client's inventions to improve its AI?

Never. Your content is never used to train eety.ai's models or the underlying AI providers' models. This is covered by enterprise-tier Data Processing Agreements. The AI also never receives your raw disclosure โ€” only a structured, scoped summary of relevant facts. Once a drafting session completes, that context is discarded.

Who at eety.ai can read my patent disclosures?

Production access is restricted to a small number of named engineers, requires multi-factor authentication, and every access event is logged. We follow the principle of least privilege โ€” no one has access to customer data that isn't required for their specific role. We never use customer content for anything other than delivering the service.

Where is my data stored, and is it subject to US law?

Your data is hosted on infrastructure located in the United States. We comply with GDPR requirements for users in applicable jurisdictions. If you have specific data residency requirements, please contact us to discuss options.

What happens if I cancel my account?

You can export your drafts and data at any time. Upon account termination, your data is deleted from our active systems in accordance with our data retention policy and applicable law. Please contact support@eety.ai for specific data deletion requests.

How do I report a suspected security issue?

Email security@eety.ai with as much detail as possible. We acknowledge all reports within 48 hours and provide a resolution timeline within 7 business days. We will not pursue legal action against researchers who disclose responsibly and in good faith.

๐Ÿ›ก๏ธ

Security you can stand behind
in front of your clients.

When a client trusts you with their invention, you need to trust the tools you use with it. eety.ai was built for exactly that standard.

Start Free โ€” No Credit Card Contact security team โ†’

Personas Dot Work Private Limited ยท CIN: U62099HR2025PTC138516 ยท ALTF Success Tower, Gurgaon, India