Security

We get it—handing over sensitive customer information requires trust, and we don't take that lightly. Since day one, we've built Clarify with security and privacy as foundational principles, not afterthoughts. Here's how we protect what matters most to you.

Data protection and infrastructure

Where your data lives

All customer data is hosted on enterprise-grade AWS infrastructure within the United States.

Multi-layered security

• Data is encrypted in transit and rest
• Backups: Fully encrypted backups and annual recovery testing

Regional hosting

Currently US-only, with EU hosting planned.

Access controls and internal safeguards

Only essential engineering and support staff have production access. Every access event is logged and monitored.

How we control internal access:

• Multi-factor authentication required for all production systems
• Role-based access controls
• Audit logging for all administrative actions

Compliance certifications

SOC 2

We are in the process of obtaining SOC 2 Type 1 and Type II compliance.

Product security features

Enterprise authentication

• Single Sign-On (SSO) and SAML.
• Contact us for SCIM support.

Security testing and monitoring

Continuous security validation

• External penetration testing: Annually by qualified third-party firms
• Vulnerability scanning: Vulnerabilities are logged and tracked across all platforms
• Secret scanning: automated scanning to prevent secrets in code

Resources

System status

• Real-time platform status and performance metrics

Security contact

• General security questions: security@clarify.ai

Trust center

• trust.clarify.ai

We'll notify customers of any material changes to these policies.