
// Trust & privacy

HOW WE KEEP YOUR DOCUMENTS PRIVATE.

Your tender drawings, your owner's emails, your fee schedules — none of it should ever be on a third party's training set or leaked to a competing GC. The whole point of a Marapone build is that the model and the data live where you put them. Here's exactly how that works.

// Data residency

WHERE THE DATA LIVES

Marapone is based in Toronto and Rome. We do the build work from those offices. The system itself runs wherever you want it: on your laptop, on a server in your office, or in your cloud tenant.

CANADA

Toronto residency

Default for Canadian GCs. PIPEDA-aligned defaults.

EU

Rome / EU residency

Default for European clients. GDPR-resident processing.

YOUR PREMISES

On-prem / private cloud

Documents never leave your infrastructure. Air-gap supported.

// What never happens to your docs

FOUR THINGS WE WILL NOT DO.

NEVER 01

No third-party LLM API calls

Your drawings and RFIs never get sent to OpenAI, Anthropic, Google, or any external LLM provider. The models run locally on hardware you control.

NEVER 02

No model training on your data

If we fine-tune a classifier for your project, the resulting weights belong to you and stay on your hardware. We don't aggregate them into a shared model.

NEVER 03

No cloud data lake

There is no Marapone "central database" of your projects. We don't have a tenant we put you in. We hand over the system; the system runs in your environment.

NEVER 04

No cross-client data sharing

What we learned building for one GC never shows up in another GC's system. Each build is a separate codebase, separate weights, separate everything.

// Compliance posture

THE PAPERWORK SIDE

NDAs standard

Mutual NDA on the first call if you'd like one. Project-specific NDAs available before any build starts.

Audit trail

Every model query, every document touched, every response is logged with a timestamp and the user. Searchable. Exportable.

Retention policy

You set the retention windows per document class — RFIs 7 years, daily logs 10, owner emails by your own policy. We don't set them for you.

Deletion on demand

A single command (or UI button) wipes a project's documents, embeddings, and any project-specific fine-tuned weights from the system.

// Construction-specific

DRAWING IP & PROJECT SEGREGATION

Drawing confidentiality

Tender drawings are sensitive — owners and architects often have explicit clauses against sharing with third-party SaaS. Because everything runs on your hardware, sharing with a third party never happens. Your NDA with the consultant stays clean.

NDA template available

We can provide a Marapone-side NDA template that explicitly covers tender drawings, project schedules, owner correspondence, and trade pricing. Ask for it during the discovery call.

Per-project segregation

Each project gets its own namespace in the vector store. A user with access to Project A cannot retrieve content from Project B unless explicitly granted. This is a default, not a paid tier.

// Deployment security defaults

WHAT'S ON BY DEFAULT, PER DEPLOYMENT

Default              Laptop             On-prem server     Your cloud
Encryption at rest   FileVault / LUKS   LUKS / BitLocker   AWS KMS / Azure Disk
Network exposure     localhost only     LAN + VPN          Private VPC
Access control       OS user            SSO + role         SSO + IAM + role
Outbound calls       None               None               None

// Your side of the line

CUSTOMER RESPONSIBILITY CHECKLIST

We secure the system as we ship it. The following stay on your side:

// Read the legal docs

// Need a security review pack?

SEND IT TO YOUR IT TEAM BEFORE WE START.

We have a one-page security overview, an architecture diagram, and a draft NDA ready to send. No fluff, no marketing — your CISO will thank you.