How PatentFig Protects Pre-Filing Patent Materials

If you work with invention disclosures, draft figures, or filing-ready attachments, you already know the uncomfortable truth about pre-filing materials: they are often most exposed before the application is filed, not after.

A draft system diagram, a rough claim-supporting flowchart, or a set of annotated product screenshots may contain the exact technical details a patent application is meant to protect. That is why legal teams, in-house IP groups, and outside counsel are increasingly cautious about using generic AI tools for patent drawing work.

This is also why the right question is not just "Can AI generate patent figures?" The better question is "How does this vendor treat confidential pre-filing material?"

At PatentFig, that review usually comes down to a short list of practical concerns:

1. Does the vendor train on customer data?
2. Which subprocessors handle the data?
3. Can the vendor sign a DPA or NDA?
4. What are the retention and deletion terms?
5. What security controls and breach-notification commitments are in place?

This article explains how PatentFig approaches those questions today, using the same commitments reflected in our public Trust & Security, Privacy Policy, and Terms of Service pages.

Why pre-filing patent materials require a higher bar

Many AI tools are built for general consumer or marketing workflows. Patent drafting is different.

Pre-filing materials can include:

• invention disclosures shared between inventors and counsel;
• draft figure descriptions tied closely to pending claims;
• annotated images or CAD exports not yet disclosed publicly;
• method steps, system blocks, or design views that reveal filing strategy.

If a team cannot clearly explain how those materials are handled, procurement and legal review will slow down for good reason.

For patent work, "good enough" privacy language is usually not enough. Teams need clear answers that map to real internal review questions.

The first question: do you train on customer data?

This is usually the first issue raised by law firms and enterprise procurement teams, and it should be.

PatentFig's public position is straightforward:

• we do not use customer prompts, uploads, outputs, or project metadata to train our own models;
• we do not permit third-party AI providers to train on customer content submitted through the service;
• we do not review customer content for AI training or benchmarking purposes.

That matters because patent drawing workflows often involve materials that are still confidential, still evolving, and not ready for broad exposure.

In practice, teams evaluating any AI patent drawing vendor should push for a direct answer here. If the answer is vague, conditional, or spread across multiple pages, that is a review risk by itself.

Confidential treatment matters as much as model-training terms

The training question is critical, but it is not the only question.

PatentFig also treats uploaded materials and generated outputs as confidential customer content. In practical terms, that means customer content is used to provide, secure, and support the service, not sold, published, or made available to third parties for their own purposes.

That distinction is important for patent teams because many workflows do not start with a clean, publication-ready drawing. They start with messy internal material:

• engineering diagrams,
• founder sketches,
• internal screenshots,
• provisional-stage concept visuals,
• redlined drafts exchanged between legal and technical teams.

Those inputs still deserve confidential treatment even when they are incomplete.

Which providers are involved?

Enterprise buyers also want to know who is actually in the processing chain.

PatentFig's primary subprocessors currently include:

• Google for AI model inference;
• Vercel for application hosting and delivery;
• Cloudflare for object storage and content delivery;
• Stripe for payments and billing.

There may also be additional providers for support functions such as transactional email, analytics, authentication, and customer support. For business customers, the practical point is not that there are zero vendors involved. The practical point is that the vendor can identify the primary subprocessors and discuss the rest in a business review.

This is one reason we added a dedicated Trust & Security page instead of leaving everything buried inside legal policies.

Can PatentFig sign a DPA or NDA?

For many business customers, this is where interest turns into a real review.

PatentFig can support:

• Data Processing Agreements (DPA), including Standard Contractual Clauses where applicable;
• mutual Non-Disclosure Agreements (NDA);
• contractual reaffirmation of no-training commitments;
• additional business terms such as custom retention language in appropriate commercial arrangements.

That is often enough to move a review forward without forcing the customer to reverse-engineer the vendor's position from scattered website copy.

If your team has a procurement questionnaire, the fastest path is usually to send it together with any DPA or NDA requirement to contact@patentfig.ai.

What about deletion and retention?

Deletion language is another area where buyers usually want precision, not marketing language.

PatentFig's current public retention approach is:

• active account content is retained while the account remains active;
• closed accounts are deleted within 30 days, subject to limited legal, tax, accounting, and anti-fraud retention obligations;
• backups are rotated and purged on a 90-day cycle;
• certain billing, transaction, audit, and security records may be retained longer when required by law or operational necessity.

This is the type of answer procurement teams actually need. It is concrete enough to review, but does not pretend that every class of record follows the exact same deletion path.

Security controls and breach-notification commitments

PatentFig's public materials also describe a baseline set of security controls, including:

• encryption in transit and at rest;
• least-privilege access controls;
• multi-factor authentication for administrative accounts;
• audit logging and production monitoring.

No internet service can honestly promise absolute security. What matters more is whether the service describes a coherent control model and whether it commits to prompt notification if something goes wrong.

PatentFig's stated breach-notification position is that affected customers will be notified without undue delay and, where feasible, within 72 hours of confirmed discovery of a breach affecting customer data or customer content.

For procurement teams, that is usually one of the clearest markers that a vendor understands business review expectations.

A simple way to evaluate any AI patent drawing vendor

If you are reviewing an AI patent drawing tool, these are the minimum questions worth asking before sending confidential materials:

1. Is customer content used for model training in any form?
2. Which providers process the data?
3. Can the vendor sign a DPA or NDA?
4. What are the retention and backup timelines?
5. What security controls are in scope today?
6. What breach-notification timeline is actually stated?

These are not "enterprise extras." They are baseline review questions when pre-filing IP is involved.

Where to review PatentFig's current position

If you want the short operational summary, start with Trust & Security.

If you want the detailed legal language, review:

• Privacy Policy
• Terms of Service

If your team is already in a procurement review, send the questionnaire directly to contact@patentfig.ai. That is usually faster than trying to map a vendor from generic legal copy alone.

Final takeaway

The real question for AI patent figure software is not just whether it saves time. It is whether it can save time without creating new risk around confidential pre-filing materials.

That is why PatentFig now publishes a dedicated trust summary alongside its legal policies. It gives patent attorneys, IP teams, and procurement reviewers one place to evaluate the commitments that matter before they upload sensitive material.

Review PatentFig's trust commitments

If you want the procurement-oriented summary first, read the Trust & Security page.

If you are ready to test the workflow itself, open the PatentFig generator.