Security & Compliance
Cleavr is ISO 27001 certified. Your data is encrypted, hosted in Europe, and isolated per client.
ISO 27001:2022 CertifiedEnd-to-end encryption
AES-256 at rest, TLS 1.3 in transit. Backups encrypted daily.
EU hosting
Data hosted exclusively in the European Union.
Per-client isolation
Multi-tenant architecture with Row Level Security. No data accessible by anyone.
Complete audit trail
Every action tracked with timestamp, author, and context. Logs retained 6 to 12 months.
Compliance
ISO 27001
- Certification
- ISO 27001:2022
- Scope
- Cleavr platform & infrastructure
- Status
- Certified
GDPR
- Role
- Data processor (article 28)
- DPO
- Appointed and available
- Hosting
- European Union exclusively
- Rights guaranteed
- Access, rectification, portability, erasure
Sub-processors
AWS
EU (Paris, Ireland, Frankfurt)- Purpose
- Infrastructure & hosting
- Certifications
- ISO 27001, SOC 2
Vercel
EU- Purpose
- Deployment & CDN
- Certifications
- ISO 27001, SOC 2
Stripe
EU- Purpose
- Payments
- Certifications
- PCI DSS, ISO 27001
Brevo
France- Purpose
- Communications (email, SMS)
- Certifications
- GDPR native
Slack
EU- Purpose
- Internal notifications
- Certifications
- ISO 27001, SOC 2
| Sub-processor | Purpose |
|---|---|
| AWS | Infrastructure & hosting |
| Vercel | Deployment & CDN |
| Stripe | Payments |
| Brevo | Communications (email, SMS) |
| Slack | Internal notifications |
Questions about security?
For any questions about security, compliance, or data protection, contact our team.
Book a demoReady to transform your
cash collection?
Hundreds of companies already get paid on time with Cleavr. What about you?