Soldera's Secure AI Practices: Guarantees of Origin Management

Can you trust AI with PPAs and Guarantee of Origin contracts?

You can always trust the AI Soldera deploys to be secure and functional, because we design for sensitive material from the start.

When you upload a PPA or a GO statement, it is processed in an isolated session, then cleared from working memory. Your documents never train our models, and each client's data is isolated; no cross-contamination between organizations. Data is encrypted in transit and at rest, access is gated by SSO and role permissions, and every action leaves an audit trail. If your policy or preference is for regional data-processing, we can run an EU-hosted private inference stack as an add-on arrangement; we are happy to discuss it if you let us know. Our full privacy policy details data handling and retention practices.

Most vital to understand is that our AI contract parsing keeps the legal context intact whilst accurately surfacing the vital terms that steer or schedule the primary registry actions: GO issuance, transfer, and cancellation (AIB defines these registry actions here).

How do the AI API providers that Soldera uses treat your data?

AI usage in our platform occurs through APIs. Whilst our exact stack is private by design, we'll gladly share more details if it's an important factor for your business. For general guidance and reference, we've compiled some policies from the largest providers in the market. Wherever we are given the choice, Soldera always opts out of improving the model; we take the most private path wherever we can. Here's what the providers say:

• OpenAI API data controls confirms that any API inputs and outputs that occur are not used for training by default.
• Gemini API terms state that prompts and responses sent via paid Gemini API are not used to improve Google products.
• For Anthropic, the API and commercial tiers indicate that prompts are not used for training unless a customer explicitly shares data.

What does AI mean for GO management in practice?

It means faster controls without risk. Our system extracts contract terms (like PPA delivery schedules and forward sales agreements) that affect GOs, maps them to registry events, and allows for schedulable and programmable actions; no more manual entry of what you want to do. Moreover, you can always handle these contracts manually, or set up a human approval step if you want it.

AI security is new territory: we're an open book

We know questions help reduce risk. If your team wants to scrutinize our AI security setup, you're more than welcome to bring the tough scenarios; just let us know so we can facilitate the conversation with a technical team member. We will bring clear diagrams, plain answers, and a path forward that your governance can approve.