The Trust Center
Built for the privileged.
CLOE handles contracts, deal docs, and legal correspondence. That bar means no model training on your data, hard tenant isolation, and audit trails by default.
No training on your data
Customer content is never used to train, fine-tune, or evaluate foundation models — ours or our providers'.
Encrypted everywhere
TLS 1.2+ in transit. AES-256 at rest. Per-tenant key scoping for sensitive blobs.
Org-scoped isolation
Row-level security enforced at the database. A user can only see their organization's data — there is no cross-tenant query path.
Enterprise SSO
SAML 2.0 with Okta, Microsoft Entra, OneLogin, Google Workspace. SCIM provisioning on Enterprise plans.
Audit log
Append-only log of authentication, access, and admin events. Exportable to your SIEM.
Retention you control
Configurable retention windows. Export everything. Delete with one click — and we mean delete.
Reputable infrastructure
Hosted on tier-1 cloud infrastructure with 24/7 monitoring, automated backups, and disaster recovery.
Regional data residency
US and EU regions on the roadmap for Enterprise customers.
Compliance
SOC 2 Type II in progress. GDPR-aligned data handling. DPA available on request.
Subprocessors
Up-to-date list of all subprocessors with notice of changes provided to customers. Available on request.
Report a vulnerability
We welcome responsible disclosure. security@crushcloe.com
Need our security package?
DPA, SIG, pen-test summary, and architecture diagram.