updates

docs/docs/getting-started/how-we-protect-your-data.md

@@ -22,7 +22,12 @@ At the end of this process, users will know that when using our Python SDK, **th
 
 ### 1. Deploying the API in an enclave
 
-<!-- [TEXT TODO] -->
+To deploy our AI API, we developed a custom solution using virtual Trusted Platform Modules (TPMs). The API is deployed in an **enclave** that ensures confidentiality by using a container with strict isolation policies, along with a custom minimal OS loaded into RAM to mitigate attacks on the disk.
+
+The custom OS generates measurements of itself and update the Platform Configuration Registers (PCRs). It uses these measurements to generate an attestion report, which serves as cryptographic proof that the enclave and its code are as expected. Upon deployment, a secure TLS-terminating reverse proxy using Caddy is created to handle the generation of the TLS certificate required for a TLS tunnel.
+
+The client connects to this reverse proxy, verifies the attestation report, and then accesses the AI container that serves the AI API.
+
 We provide more details about **enclaves** in our [concepts guide](../concepts/enclaves.md).
 
 ### 2. Proving privacy controls are applied