Enterprise-Ready

Security at the core of everything

Your data is precious. That's why we built OverClarity with security as the top priority, not an afterthought.

GDPR

Compliant

SOC 2 Type II

In progress

ISO 27001

Planned

Our security pillars

Built for enterprise requirements

Isolated multi-tenant

Each organization has its own isolated space. Your data is never mixed with other customers.

Complete data isolation
Separate databases
Unique encryption keys

Granular permissions

Precisely control who can view, edit, and share each piece of content.

Customizable roles
Team-based permissions
Permission inheritance

Secure sharing

Clarity Rooms are protected by secure links with access control.

Expiring links
Password protection
Domain restriction

GDPR compliant

We respect GDPR requirements and help you stay compliant.

Right to be forgotten
Data export
Managed consent
Infrastructure

Enterprise-class infrastructure

Hosted on AWS with security best practices.

EU hosting

Data hosted in Europe (AWS eu-west-3)

AES-256 encryption

Data encrypted at rest and in transit

Daily backups

Automatic backups with 30-day retention

24/7 monitoring

Continuous monitoring and automatic alerts

SSO & SCIM

Integration with your identity providers

Audit logs

Complete traceability of all actions

Data handling

Your data belongs to you

We don't sell your data. We don't use it to train models. It's yours, period.

EU hosting

All your data is stored in Europe (AWS Paris).

No sharing

Your data is never shared with third parties.

Full export

Export all your data at any time.

Your organization

Isolated data

Encrypted

Multi-tenant isolation

AWS eu-west-3

Paris, France

EU

Procurement Pack

Get all the documents you need for your procurement process: DPA, security questionnaire, technical architecture, and more.

DPA (GDPR)Security questionnaireTechnical architectureSubprocessor list

Security FAQ

Your data is stored in Europe (AWS eu-west-3, Paris). We don't use servers outside the EU for customer data storage.
All data is encrypted at rest with AES-256 and in transit with TLS 1.3. Each organization has its own encryption keys.
Only authorized users in your organization can access your data. Our team only accesses it with your explicit authorization for support.
Yes, we provide a GDPR-compliant Data Processing Agreement (DPA) to all our customers. Contact us to get it.
You can request deletion of your data at any time. We delete it within 30 days in accordance with GDPR.
Yes, we support SAML 2.0 and OIDC for integration with your identity providers (Okta, Azure AD, Google Workspace, etc.).

Questions about security?

Our team is available to answer all your security and compliance questions.

Response within 24hNo spam20 min discovery