Security
Introduction
The purpose of this Security Policy is to explain our procedures for the treatment of data in connection with the Services.
Scope
This Security Policy applies to all Services provided by Patently.
Services
as defined in Section 2 of the Terms of conditions for Access
User Content
as defined in Section 13 of the Terms of conditions for Access
Onardo Output
as defined in Section 6 of the Terms of conditions for Access
Data Protection
We have a Privacy Policy that outlines the protection of your Personal Data in Patently. This policy is in accordance with applicable law including the General Data Protection Regulation ((EU) 2016/679).
Personal Data is not shared with any LLM provider.
Data Security
Data is shielded against accidental loss, alteration, and unauthorized access using various security controls including:
Access Logging – we keep track of who signs in and how they sign in.
Code Security – every new or significantly changed feature undergoes rigorous testing and review before it’s deployed.
Network Security – we implement SSH access, which secures communication channels by encrypting the data exchanged between your browser and Patently. This ensures that sensitive information, such as passwords and data, is protected from security threats.
HTTPS Implementation – We use SSL and HTTP requests are automatically routed to HTTPS.
Encryption – User Content is typically encrypted both in transit and at rest. This means that your data is protected as it travels between systems and when it is stored on servers or in databases.
Backups
We have a Backup and Restore Policy that outlines how User Content is systematically and securely backed up in Patently.
AI tools
Create, one of the Services, uses our AI assistant, Onardo. The Onardo Output is processed by secure on-premises servers located in the UK. All data transfers are encrypted to guarantee the highest level of protection. API calls between Onardo and a Large Language Model (LLM) model (details set out below) are also secure and encrypted, ensuring the confidentiality and integrity of the Onardo Output throughout.
We implement enterprise-level authentication through SAML SSO.
We implement data encryption at rest (AES-256) and in transit (TLS 1.2+).
LLM model
Onardo is configured to communicate via secure API calls with Open AI and with Anthropic.
Open AI API Platform has been audited and certified for SOC 2 Type 2 compliance.
OpenAI Business Terms: Business terms | OpenAI
OpenAI Data Processing addendum: Data processing addendum | OpenAI
Data Processing Addendum: Launch Form (ironcladapp.com) (the completed form is available upon request)
OpenAI Privacy: Enterprise privacy | OpenAI
Anthropic Business Terms: Commercial Terms of Service \ Anthropic
Anthropic Usage Policy: Usage Policy \ Anthropic
Anthropic Privacy Policy: Privacy Policy \ Anthropic
Anthropic Data Retention: zero days