Security

Security for teams that cannot treat business data like disposable prompts.

Jetdraft is built for work that often includes customer data, internal process details, supplier information, pricing, legal language, and other sensitive context. Our security model starts with encrypted storage, then gets stricter at the inference layer by routing heavily through providers that publish stronger zero-data-retention and compliance commitments than the default posture many AI products ship with.

Start free Back to product overview

Encryption at rest

Core documents, spreadsheet data, content blocks, file metadata, and other persisted application data are encrypted in storage rather than left as plain text.

Zero-data-retention routing

We lean heavily on providers like Fireworks and DeepInfra because they publicly document stronger no-training and low- or zero-retention handling for the inference paths we care about.

Word masking for zero-trust workflows

If you enable word masking, sensitive terms are replaced before provider-bound content is sent, so the original confidential terms never reach the model.

Encrypted storage

Encryption at rest is the baseline for anything Jetdraft persists.

Encryption is applied at write time, not added as a layer after the fact. Document bodies, spreadsheet data, content blocks, and file metadata all go through encrypted storage paths.

  • Content is encrypted before persistence — not stored as plain text and encrypted later.
  • Algorithm, key version, and timestamp are recorded alongside each value so key rotation and audits stay explicit.
  • This applies to real business artifacts, not just ephemeral chat history.
Provider policy

Our inference routing is opinionated because default provider retention is often not strict enough.

Most AI products default to providers that retain request data and logs. Jetdraft routes through Fireworks and DeepInfra specifically because their published policies document materially stronger no-retention postures.

  • Fireworks: zero-data-retention for open models without explicit opt-in, no training on prompts or API inputs, SOC 2 Type II and HIPAA compliance.
  • DeepInfra: data held in memory during inference only, deleted after completion, no disk storage of prompts or outputs, SOC 2 / ISO 27001 alignment.
  • Zero data retention is a routing and supplier-selection decision here — not a marketing claim.
Zero trust option

Word masking is the zero-trust path for the terms you never want the model to see.

Term masks replace sensitive words before content reaches the provider. The model receives the alias or REDACTED value — not the original.

  • Replacement happens before provider-facing processing, so original terms are never sent on masked paths.
  • Teams choose between readable aliases or hard redaction depending on how strict the workflow needs to be.
  • Masked terms are auditable — security teams can verify the policy is enforced, not just promised.
  • Use this when sending the original term would violate your team's internal trust threshold.
Use cases

Where teams put this workflow to work.

Teams handling sensitive client or internal data

Legal, financial, consulting, and operations teams often work with context that should not travel through a default-retention AI pipeline. Jetdraft's stack is built around that constraint.

Companies avoiding default-retention AI routes

If your policy is to avoid the normal retained-by-default path common in mainstream AI products, Jetdraft’s routing posture is materially different.

Workflows with terms that must never leave in original form

Word masking is designed for exactly this case: the model can still do the job, but it does so on aliases or redacted replacements instead of the original confidential language.

Trust

Built for work that needs a trust model, not just a prompt box.

Fireworks as a primary privacy-forward supplier

Fireworks publicly states zero-data-retention for open models without explicit opt-in, no training on prompts or API inputs without opt-in, SOC 2 Type II, and HIPAA compliance.

DeepInfra as a primary privacy-forward supplier

DeepInfra publicly states standard inference data is held in memory during inference, then deleted, with no disk storage for normal prompt/output handling, plus SOC 2 / ISO 27001 alignment.

Masking before provider visibility

For masked workflows, configured confidential terms are replaced before provider-facing content is sent, which is the strongest zero-trust option Jetdraft offers short of never sending the content at all.