Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.getclaro.ai/llms.txt

Use this file to discover all available pages before exploring further.

Data protection

  • Encryption in transit — TLS 1.3 for all API and browser traffic.
  • Encryption at rest — AES-256 for all stored data.
  • Per-workspace encryption keys — available on Dedicated plans.
  • Data residency — EU and US regions available; region is selected at workspace creation.

Authentication & access control

  • Single Sign-On — Okta and Azure AD on Dedicated plans.
  • Role-based access control — per-catalogue permissions for read, edit, and approve. Reviewer roles restrict access to the Notifications surface only.
  • API security — bearer token authentication with per-token scope and rate limiting.
  • Audit log — complete activity log covering operations, record edits, approvals, sync events, and user management changes.

Workspace isolation

Each workspace is isolated at the data layer. Cross-workspace access is not possible. All catalogue data, operation runs, and Knowledge Base content stay within the workspace boundary.

Compliance

  • GDPR compliant. Data Processing Agreement (DPA) available on request.
  • CCPA compliant.
  • SOC 2 Type II — audit in progress; expected completion Q4 2025.
Full compliance documentation is available at hello@getclaro.ai.

Self-hosting (Dedicated)

For organizations that require on-premises or private-cloud deployment:
  • Kubernetes Helm chart for any cluster.
  • Managed VPC setup in your cloud account.
  • Air-gapped environment support (no external calls).
  • On-premises installation with dedicated support.

Responsible disclosure

If you discover a security vulnerability, please report it to security@getclaro.ai. We aim to acknowledge reports within 24 hours and provide a resolution timeline within 72 hours.