BYOK Data Flow — What Goes Where
📄
Your contract opens in Word
Document exists only on your machine. Nothing is transmitted yet.
On your device
🤖
You click Review in Proviso
The add-in reads the selected text locally inside Word using the Office.js API.
Local only
🔑
Text goes directly to your LLM provider
Using your own API key, the request is sent from Word straight to Anthropic, OpenAI, or your chosen provider. Proviso's servers are not in this path.
Bypasses Proviso
✅
Analysis returns to Word
Results go directly to your Word taskpane. Proviso's servers don't see the response either.
On your device
📋
What Proviso does receive
Your license key validation ping, and a usage count (e.g., "1 review run"). Not the content. Never the content.
Metadata only
Privacy by plan
BYOK and Managed differ in one key way: who processes your contract text.
BYOK Plan · $79.99/mo
Maximum Privacy
- ✓ Contract text goes directly from Word to your API provider — Proviso never sees it
- ✓ Your API key is stored only in your local Word add-in settings
- ✓ Works with Anthropic, OpenAI, or any compatible provider
- ✓ Your provider's privacy policy and data handling apply to the contract content
- ✓ Proviso collects only: email, license key, seat activation metadata
Managed Plan · $299/mo
Managed Privacy
- ✓ Contract text is sent to Anthropic's Claude API, operated by Proviso on your behalf
- ✓ Anthropic's zero-data-retention agreement applies — contracts are never used for model training
- ✓ Contract content is processed in-flight and not stored on Proviso's servers
- ✓ Includes API cost — no separate Anthropic account needed
- ✓ DPA available upon request for enterprise customers
Security measures
What we do to protect the data we do handle.
🔒
TLS 1.2+ in transit
All communication between your Word add-in and Proviso's servers uses TLS 1.2 or higher. No unencrypted connections are accepted.
🔀
AES-256 at rest
Any personal data stored on Proviso's infrastructure (account info, license records) is encrypted using AES-256.
🔐
Cryptographic license keys
License keys are generated using a cryptographically secure random number generator with 128-bit entropy. They cannot be guessed or brute-forced.
👤
Minimal data access
Access to account and billing data within Proviso is restricted to those with a documented need. We keep our data access footprint small by design.
📋
Stripe for payments
We never store your full card details. Payments are handled entirely by Stripe, which is PCI DSS Level 1 certified.
🔍
Responsible disclosure
If you find a security issue, please report it to [email protected] before public disclosure. We take reports seriously.
Compliance status
Where we are today, and where we're headed.
- BYOK architecture — contract text never reaches Proviso servers: Active
- TLS 1.2+ encryption for all connections: Active
- Anthropic zero-data-retention (Managed plan): Active
- GDPR-compliant DPA template available: Available
- SOC 2 Type II audit: In progress
Subprocessors
Every third party that may process data related to your use of Proviso — nothing hidden.
| Provider | Purpose | Data they handle | Plans |
| --- | --- | --- | --- |
| Stripe | Payment processing | Payment info, email, subscription data | All plans |
| Resend | Transactional email | Email address for receipts & notifications | All plans |
| Anthropic | LLM API processing | Contract text sent during reviews (zero-retention policy) | Managed only |
| Cloudflare | Hosting & DNS | Standard network metadata (IP, request headers) | All plans |