Blueprint companion

How to use the Privian Blueprint

What the Blueprint contains, who it is for, and how founders, security and procurement teams use it to accelerate enterprise AI reviews.

As of 2026-07-01. The Blueprint itself lives at /blueprint (web) and /Privian-Blueprint.pdf (PDF).

Definition

The Privian Blueprint is a single procurement and security review document that describes the data path, retention, BYOK and scope of Privian. This guide explains what the Blueprint contains, who it is for, and how founders, security and procurement teams use it to accelerate enterprise AI reviews.

Definition

What the Blueprint is

The Blueprint is the artifact reviewers accept. This guide is the map that tells you when to hand it over.

Contents

What the Blueprint contains

Framework

Blueprint sections

  1. 01

    Executive summary

    One-page orientation — what Privian is, what it is not, who it is for.

  2. 02

    Clean data path

    Masking, BYOK boundary and what actually reaches the model provider.

  3. 03

    What reaches the model

    Per-data-class table of what crosses the BYOK boundary and what does not.

  4. 04

    Retention model

    What is stored, what is not stored, and where each record lives.

  5. 05

    BYOK

    Credential ownership, provider billing, encryption at rest and in-process handling.

  6. 06

    Subprocessors

    Operational subprocessors and the BYOK provider you select.

  7. 07

    Security review questions

    Concise, extractable answers to the questions reviewers ask most.

  8. 08

    Limitations

    An explicit list of what Privian does not do — scope, not marketing.

Audience

Who the Blueprint is for

Founders & CTOs

  • Attach once when procurement opens a security review.
  • Reference from the sales thread when a buyer asks 'do you have a security packet?'.
  • Pair with /enterprise-ready-ai for the commercial framing.

Security teams

  • Verify the data path against the diagram at /data-path.
  • Cross-check the retention model against /security/data-handling.
  • Confirm the BYOK boundary against /docs/concepts/byok.
  • Use §7 answers as questionnaire scaffolding.

Procurement teams

  • Combine with /legal/dpa and /legal/subprocessors for contracting review.
  • Use §8 limitations to size scope before internal approval.
  • Point risk & vendor management teams at /compliance-roadmap for posture status.

Enterprise buyers

  • Read the executive summary and the data path first.
  • Move to the retention model and BYOK sections next.
  • Follow the linked pages for deeper implementation detail.

Accelerate reviews

How to move faster through enterprise reviews

Framework

Review accelerators

  1. 01

    Send one URL, not five attachments

    Forward /enterprise-trust-package to index every asset in a single message.

  2. 02

    Answer with §-level references

    Reply to questionnaire items with 'Blueprint §4 (Retention)' — reviewers can verify in one click.

  3. 03

    Pair with the Compliance Roadmap

    Roadmap addresses attestation status; Blueprint addresses implemented controls. Together they answer 90% of gating questions.

  4. 04

    Route legal to the DPA overview

    Combine the DPA overview and the subprocessor list to shorten legal review.

  5. 05

    Route engineering to Data Path & Architecture

    Technical reviewers accept the Blueprint faster when they can see the per-hop implementation.

  6. 06

    Keep this page as a Slack canvas link

    Give internal champions inside the buyer a stable URL to reshare across teams.

Trust resources

Trust resources referenced from the Blueprint

Security resources

Security resources referenced from the Blueprint

Architecture resources

Architecture resources referenced from the Blueprint

  • Architecture

    How the gateway is built end-to-end.

  • Data path

    Per-hop view of what enters, leaves and is retained.

  • BYOK

    Implementation reference for bring-your-own-key.

Send one document

Blueprint

FAQ

Frequently asked questions

What is the Privian Blueprint?
A single procurement and security review document that describes what reaches the model, what is retained, how BYOK works, which subprocessors are involved, and what Privian explicitly does not do. Available as a PDF and as a web version at /blueprint.
Is the Blueprint Guide a replacement for the Blueprint?
No. The Blueprint remains canonical — this page explains how to use it. Reviewers who want the full reference should read /blueprint or download the PDF at /Privian-Blueprint.pdf.
Which sections does the Blueprint cover?
Executive summary, clean data path, what reaches the model, retention model, BYOK, subprocessors, security review questions and limitations & trust boundaries.
How do founders use the Blueprint during a sales cycle?
Attach it once when procurement opens a security review. It answers most standard questions without a back-and-forth, and it makes explicit what is and is not in scope so reviewers can focus quickly.
How do security teams use it?
As a per-hop data-path reference and a retention statement. The Blueprint maps directly to the questions in a standard AI vendor security questionnaire.
How do procurement teams use it?
As the trust-and-contract anchor. Combined with the DPA overview and the subprocessor list, it covers most procurement gates before an executed agreement.