Security and Data Handling
Scoped. Contained. In-platform.
YouDesign Blueprints handles runtime data inside the customer's ServiceNow environment. This page is a plain-language summary for admins, security reviewers, and business stakeholders. Use it as a starting point for security review conversations. It does not replace a formal customer security review.
This page summarizes runtime data behavior for security review conversations. For technical reference on architecture, identifiers, and role assignments, see ServiceNow Administration. For end-user role behavior, see Roles and Permissions.
Core position
YouDesign Blueprints operates inside the customer's ServiceNow environment as a scoped application. Blueprint data, template data, and user interactions stay inside the ServiceNow platform boundary.
Data boundary summary
Application runtime location
Runs inside the customer's ServiceNow environment
Primary application data
Stored in scoped ServiceNow tables under the application's scope.
Normal API calls
Sent to ServiceNow scoped endpoints for the application
External product analytics
Not used. The application does not send analytics data to external services.
AI runtime features
Not used. The application does not call external AI services.
What the application stores
The application stores product data needed to support its workflows, including:
Template definitions.
Blueprint records and metadata.
Blueprint canvas layout and content.
Staged future-state content and relationship changes.
Per-user settings and preferences.
What user preferences are stored
The application stores preferences so each user gets a consistent experience across sessions.
Examples include:
Theme.
Language.
Accessibility settings.
Grid settings.
Tutorial preference.
Favorite templates and favorite order.
Sorting preferences in Home, the Blueprint Editor, Template Editor, and Auditor.
These preferences make the application usable and consistent across sessions. They are not analytics or behavior tracking.
Tracking and behavior monitoring
The application does not send user-behavior analytics or tracking events to external services.
In plain language:
The application does not include analytics or usage-tracking features.
Stored settings (theme, language, etc.) make the application usable and consistent across sessions.
These are user preferences, not behavioral tracking.
AI and token usage
YouDesign Blueprints does not include AI assistance features or call external LLM services.
That means:
The application has no AI support workflow.
It does not consume AI tokens.
Using the application does not send blueprint content to external AI services.
Data access by ins-pi
The application does not transmit customer blueprint content or source records to ins-pi systems. The application runs entirely within the customer's ServiceNow environment.
Audit logging and data retention
Audit logging, data retention, and account deactivation use standard ServiceNow platform behavior for scoped applications. Your ServiceNow instance may add organization-specific retention or audit policies.
What security reviewers usually want to hear
For stakeholder and review discussions, the most important points are:
The application is a scoped ServiceNow application.
The normal runtime stays inside the ServiceNow platform boundary.
Application data is persisted in scoped ServiceNow tables.
User settings are stored to support the experience, not to run analytics.
The application does not include AI assistance features or consume AI tokens.
Review note
If your organization requires a formal security or privacy statement, use this page as a starting summary. Pair it with your own ServiceNow platform review, role review, and instance-specific governance process.
Last updated