2. The Architecture of Trust
In construction, the contents of project correspondence include commercial positions, claim strategies, defects and personnel matters. None of this should leave the project boundary, and certainly none of it should ever flow into a public AI training pipeline. Trust, therefore, is not a marketing claim. It is an architectural decision made before any model is trained.
Data Sovereignty
The platform operates on a walled-garden principle. Each customer’s instance is isolated, with project data ingested into a dedicated knowledge layer that no other tenant — and no external model provider — can read. Retrieval-augmented generation is constrained to the customer’s own corpus, so the model answers questions using the project’s own letters, specifications and contracts, and nothing else.
Security by Design
Security is built into the deployment model rather than bolted on. The stack uses encrypted storage at rest and in transit, role-based access aligned to project hierarchies, full audit logging of every query and document access, and the option to deploy fully within the customer’s own cloud tenancy. For organisations with the strictest requirements, an air-gapped on-premise deployment is supported with no outbound connectivity to public model APIs.
The Transparency Promise
Customers receive an explicit, contractual guarantee: no project data is ever used to train, fine-tune or improve any general-purpose model. There is no hidden opt-in, no telemetry of document contents, and no shadow logging of prompts or responses for model improvement. What enters the walled garden stays in the walled garden.
No hidden opt-in. No silent training. No exfiltration of your contract data into a public model. Ever.
Low-Latency, High-Accuracy Logic
Trust extends to performance. The inference layer is built on open-source components — vLLM for high-throughput serving, containerised with Docker for predictable deployment, and orchestrated to keep retrieval and generation within sub-second budgets for the queries that matter most. Open-source foundations matter for two reasons: they are auditable by the customer’s own security team, and they free the platform from the commercial drift of a single vendor’s roadmap.