Data and FAQs
Your patents never train a model.
The full data and security posture, written by the founder, not by a procurement lawyer. Followed by the questions buyers actually ask in the 15-minute call.
Our six commitments
The rules of the road for your data on the platform.
- 01
Encryption end to end
TLS 1.3 from the browser to the edge, TLS between every internal hop, and AES-256 at rest on the Neon Postgres volume and the Hostinger VPS file system. Backups are encrypted with separate keys and rotated on a 30-day schedule. Plaintext customer data does not exist in any layer of the stack, including internal logs.
- 02
Tenant boundary at the database row
Every portfolio, evidence pack and chart row is scoped to your account identifier at the database layer. A request that does not match the cookie does not get the row, regardless of the URL pattern. Reverse-lookup attacks fail at the query, not at a middleware filter. Internal staff access is read-only and logged centrally.
- 03
Operational hygiene
Production deploys from short-lived CI tokens scoped to a single repository. Secrets are rotated quarterly, with an out-of-band runbook owned by the founder. The VPS is behind a stateful firewall, SSH-key authentication only, with a fail2ban policy on the chat backend. Admin actions on the database write to an audit table you can request a copy of.
- 04
External review, no fakery
A SOC 2 Type 2 readiness programme is funded for 2026, with an independent penetration test scheduled to follow. We will not list a certification on this page or in a sales conversation before the auditor's report is signed and dated. If counsel needs a security questionnaire today, the founder fills it in by hand within the working day.
- 05
Privacy by build, not by promise
Drug Landscape Ltd is the registered data controller under ICO registration C1940863. UK GDPR Article 17 erasure is wired into the dashboard settings page as a one-click action with email confirmation, not an email-the-DPO process. Data minimisation runs through the design of every screen: we collect what the chart needs to function and nothing else.
- 06
Always-on monitoring
Uptime and log-based alerts cover the chat backend on the VPS; Vercel observability covers the marketing surface; Neon's point-in-time recovery covers the database with a 30-day retention window. An incident reaches the founder's phone within minutes and to customer email within the working day, in plain language not a boilerplate template.
A note on certifications. Patent Radar is not yet SOC 2 Type 2, ISO 27001 or ISO 42001 certified. We will not list a badge on this page or in a sales conversation before the auditor's report is signed and dated. Buyers who need a SOC 2 report today should treat this disclosure as the honest version of the answer.
Frequently asked
The questions buyers ask before a 15-minute call.
Each answer is the same one the founder gives on a video call. Verbatim, not a re-worded marketing version.
01Does Patent Radar use my patents to train an AI model?
No. Customer claim text, evidence packs and hits are never used to train any model. Where the platform calls a third-party LLM provider for inference, the call is configured with zero-retention on whichever provider supports it, and the prompt never persists outside the request lifecycle. Our commercial agreement with you names this constraint explicitly.
02Where is my data hosted?
The database is Neon Postgres in their eu-west-1 region. The chat backend is a Hostinger VPS in their eu-central data centre in Frankfurt. The marketing surface is Vercel, served from its global edge. Transactional email is Resend in eu-west-1. No customer-data row leaves the EU under default routing.
03Do you contact the alleged infringer on my behalf?
Never, under any pricing tier, under any custom arrangement. UK Patents Act 1977 §70 (as amended by the Intellectual Property (Unjustified Threats) Act 2017) imposes strict liability for unjustified threats of infringement proceedings. The product has no surface, no API endpoint and no export format designed for forwarding a Patent Radar output to a third party. Your counsel decides what to do with what we surface.
04Can I export my data?
Yes. The dashboard exports every chart as Word, PDF and CSV; portfolios export as CSV; evidence packs export as a zipped archive with the source URL and crawl date on every file. The export endpoint is documented on the settings page. There is no charge for export and no notice period requirement.
05How do I delete my account?
Settings → Account → Erase account triggers a UK GDPR Article 17 erasure: portfolios, evidence packs, chat history, audit-log rows scoped to your account and the account record itself are removed within 30 days. Stripe customer records are retained per HMRC's seven-year requirement for VAT. We email a confirmation when the erasure completes.
06What does 'evidence pack' actually mean?
Per claim row in the chart, we store the source URL, the page snapshot at crawl time (rendered HTML and a PDF), the crawl timestamp, the model identifier, the prompt version, and a SHA-256 hash of the rendered content. The pack lives in your tenant and is exportable as a zip. It is designed to support the standard that admissibility rules apply to AI-derived evidence.
07Is Patent Radar's output accurate enough to use in court?
Patent Radar's output is draft work product, prepared for review by qualified legal counsel. It is not a legal opinion, not a freedom-to-operate analysis, and not court-ready evidence on its own. Your patent attorney will rewrite the chart, override read-strength calls where appropriate, and certify the version that goes to the court. We make their job faster, not their job.
08Who owns the output?
You do. The chart, the evidence pack and the audit log are your work product the moment they are generated. Drug Landscape Ltd holds no licence over them, will not use them for any purpose outside delivering the service to you, and removes them on request. The platform code and the underlying models are licensed to you for use, not transferred.
09Do you cover EPO and WIPO patents, or just USPTO?
USPTO, UKIPO, EPO, WIPO PCT and EUIPO are inside the default coverage. JPO, KIPO and CNIPA are on the 2026 roadmap and available on a custom arrangement now. Lens.org sits behind the international coverage; PatentsView sits behind the US coverage. If a jurisdiction matters to a quote we are running, we will say so on the call.
10What happens when a hit is wrong?
Mark it dismissed in the dashboard with a one-line reason. The agent learns the dismissal at the portfolio level, not the global level: your false-positive does not leak into another customer's ranking. Confidence pills never reach red, by design, red would read as a legal conclusion that the platform is not authorised to make.
11Do I need a subscription to see a sample chart?
No. Three replayable scans live on the homepage with the full chart shape, the full evidence packs and the actual quoted snippets. The sample reports page has a wider gallery. A 15-minute scoping call is the right next step after a sample replay, not a credit-card prompt.
12What is the price?
We do not publish a list price. Portfolio size, jurisdictions and team count change the figure too much for a sticker on a page to be honest. Book a 15-minute call with the founder and a number lands in your inbox by end of the working day, with the scope it covers spelled out in writing.
Still have a question?
Email the founder. Not a shared inbox.
Security questionnaires, procurement forms, custom DPAs, EU representative letters anything that needs a human signature, James handles inside the working day.
Book a 15-minute call →