About IPKit
IPKit is a hosted platform that IP professionals, founders, and brand owners use to search, understand, monitor, and integrate trademark, design, and patent records across multiple jurisdictions. The customer base ranges from pre-seed founders doing self-serve clearance, through solo and mid-size IP firms, to in-house IP teams and VC/PE due-diligence teams running full-portfolio audits.
The centre of our work is trademark and brand. Trademark clearance, classification, status checking, and monitoring are the workflows IPKit is built for first. Coverage of designs and patents is real — IPKit connects to design and patent registries directly and returns their results alongside trademarks — but it extends the trademark workflow into cross-IP cases such as due diligence and full-portfolio review rather than competing with the established patent-analytics tools.
This site — offices.ipkit.ai — hosts the integration disclosure pack that IPKit ships to each office it integrates with. Reviewers from invited offices can sign in with their office email to read the pack covering their jurisdiction.
For privacy, each pack is scoped to its office: once you sign in, the sidebar shows only your office’s pack alongside this About page. Other offices’ packs aren’t listed in your navigation because each pack reflects IPKit’s relationship with that specific office and is theirs to receive, not anyone else’s. Cross-office access is limited to IPKit’s own team and the audit firms IPKit has engaged.
How IPKit accesses office data
For every IP office IPKit connects to, IPKit works directly with the office’s API team to access data through the office’s sanctioned channels — OAuth-secured APIs, signed bearer tokens, or other documented mechanisms the office has approved. IPKit does not screen-scrape, and it does not bypass authentication or rate-limit controls. Each integration is the result of an explicit access arrangement with the office; credentials are held only by IPKit and rotated on the office’s terms.
How that data is used to serve customers
When a user runs a trademark search, checks a status, or opens a monitoring watch that touches your jurisdiction, IPKit queries your office’s API in real time and returns the normalised result to the user. The result is presented in IPKit’s web app, its API, and its MCP server — the same canonical schema across every jurisdiction, so a customer comparing marks across, say, EUIPO, USPTO, and your office sees one consistent view rather than three vendor-specific shapes.
Responses are cached briefly to respect rate-limit budgets and keep results responsive. They are not warehoused as a parallel database of your office’s records, and they are not packaged into a separate data product or redistributed to other vendors. The architecture document in each pack describes the caching policy, the boundary between your office’s data and IPKit’s tool layer, and the controls that apply.
Hosting and infrastructure
IPKit runs on Fly.io , which is SOC 2 Type 2 certified. The application and its persistent storage deploy to Fly’s managed compute, and credentials are injected at runtime from Fly’s encrypted secret store rather than committed to source.
What this site discloses
Each office’s pack contains the same five documents:
- Overview — how to access the pack, what’s in it, and a one-page summary.
- Architecture — the data-flow boundary, the server-boundary auth chain, the provider-side controls, the file inventory of the source-code extract, and the runtime dependencies.
- Trust Services Criteria & Risk — how IPKit’s controls map to the AICPA Trust Services Criteria (2017), and the cross-cutting and jurisdiction-specific risks IPKit has identified, with their mitigations.
- Pack metadata — the source commit, the generation date, the file count, and a download link for the offline zip.
- Privacy policy — the IPKit privacy posture that applies across all integrations.
When an integration changes, a Changelog page lists what changed since the previous extract.
Each pack is regenerated from the IPKit source on every release. The version on this site always reflects the current implementation — there is no gap between what IPKit ships and what reviewers see here.
What’s in the source-code extract
The pack includes a scoped, redacted extract of the IPKit source for the files that touch the office’s data:
- the provider client(s), response types, and transformers for the office’s API;
- the canonical schemas that all responses are normalised into;
- the shared infrastructure — server-boundary auth, transport, caching, persistent storage, error handling, observability, and the rate limiter and circuit breaker.
The extract does not include the IPKit tool layer (search merging, conflict analysis, classification scoring, recommendation logic). Tools call the provider boundary with sanitised inputs and operate on canonical schemas; they do not change what is sent to or received from the office. The extract therefore covers every byte that crosses the boundary between IPKit and the office’s API.
The source extract is delivered inside the offline zip linked from each pack’s Pack metadata page, not as separate pages on this site. Every file in the zip carries an audit header with its source path, the extract’s git SHA, and the generation timestamp.
What this site is not
This site is not an audit of any IP office. It is IPKit’s disclosure to the office of how the integration works, what data flows where, and what controls are in place. Feedback is welcome: open the Feedback widget on any page, or email info@ipkit.ai. For partnership questions, write to partnerships@ipkit.ai.
Offices with a published pack
The following offices currently have an integration disclosure pack on this site, listed in the sidebar:
- EUIPO — European Union Intellectual Property Office
- IP Australia
- IPONZ — Intellectual Property Office of New Zealand
- JPO — Japan Patent Office
- USPTO — United States Patent and Trademark Office
- WIPO — World Intellectual Property Organization
IPKit also integrates with several other offices and services.
Disclosure packs for CIPO, EPO, and UKIPO are in preparation and will be added as they are completed.