Data security
Marcel raised security in every email. Cover this before the flashy demo.
What they require
- Drawings and know-how stay in a controlled environment
- Optional local vector database / inference — example, not the only way
- Cybersecurity for LLM use — clear subprocessors and policies
- Engineers must trust output — transparent, traceable, no silent PLM changes
Deployment (lead with on-prem / private)
| Option | For Theegarten |
|---|---|
| On-prem / private network | Primary story — matches their ask |
| Dedicated VPC | Alternative if they prefer hosted isolation |
| Shared public SaaS | Do not lead with this |
Label slides: available in pilot vs roadmap — only claim what you can deliver.
Where data lives
```mermaid
flowchart TB
  subgraph Inside["Inside customer network"]
    D[Drawings / BOM / PLM data]
    R[RapidDraft analysis]
    L[Logs + findings]
  end
  subgraph Optional["Only if allowed"]
    X[External LLM API]
  end
  D --> R --> L
  R -.-> X
```

| Data | Default |
|---|---|
| CAD, drawings, BOM | Processed inside |
| Embeddings | Project-local |
| Findings | Linked to PLM revision |
| Training on their data | No — unless contract says otherwise |
Answer: “Will you train on our data?”
Suggested wording:
No customer-specific models, embeddings, or adapters leave your project boundary. We do not reuse your data for other customers. Optional external LLMs are feature-flagged and documented.
Engineer trust (day-to-day)
| They need | We provide |
|---|---|
| See why | Rule name + source on drawing/BOM |
| Stay in control | Approve / reject each finding |
| Repeatability | Same package → same core checks |
| PLM authority | We never auto-release |
GDPR / subprocessors
Provide a short annex in the pilot contract:
- Who hosts (customer vs RapidDraft)
- Which LLM providers, if any
- Retention and deletion
- Audit log per revision
Avoid empty “GDPR-compliant” — show mechanics.
Demo tip
Spend 5–15 min of the hour here. Marcel’s gate; mechanical colleagues will support you if IT is satisfied.