Patent Gravity is designed around controlled document workflows, reviewable outputs, and traceable project history.
Source disclosures and generated drafts are stored to support your drafting workflow.
Production drafting uses the Anthropic and OpenAI APIs, with the Google Gemini API for an optional intake assistant and, where enabled, retrieval and embedding. By default these providers do not train on data submitted through their commercial APIs, and Patent Gravity has not opted into training. The optional intake assistant uses Google Search grounding, which sends your messages to Google to retrieve live web results.
Databases and stored files reside on Railway infrastructure, which states that all customer data within Railway projects is encrypted at rest.
All application and API traffic is served over HTTPS/TLS using Railway-managed certificates.
Project data is retained for the life of the project. Deleting a project removes its files, jobs, and generated sections, and deletes stored files from disk. There is no automatic, time-based purge.
Production services are deployed in Railway's US West region (California, USA).
Each project is scoped to the account that owns it; project data is requested through authenticated, ownership-checked endpoints.
Workspace role labels (Owner / Attorney / Reviewer / Viewer) are currently display-only. Per-role permission enforcement is in progress and not yet active. Access today is controlled by authenticated account ownership — each project is accessible only to the account that owns it.
Access to customer project data is restricted to the small core team members who hold explicit access to the production hosting project and its database credentials. There is no broader internal access; operational access is limited to support and debugging needs and is gated by hosting-project permissions and credentials.
Patent Gravity performs structured, AI-assisted drafting with attorney-controlled review gates — outputs are intended for review by counsel before they are relied upon. Drafting steps are surfaced as reviewable activity on each project.
This describes the product's review posture and does not constitute legal advice or a guarantee of any filing outcome.
The current workspace renders draft artifacts for review. Dedicated export controls are a planned product surface and are not yet a complete shipped workflow.
When export controls ship, they should remain scoped to the authenticated account that owns the project. Export events are not currently recorded in an audit log.
To report a security concern or request more detail on any of the above, reach out directly. We aim to acknowledge reports within one business day and provide a triage update within three business days.
security@patentgravity.com