Learn more about what we're doing to keep you, your team, and your data safe.

Data Encryption

Data is encrypted at rest in our database using AWS RDS, giving your data another layer of protection. AWS RDS encryption uses a AES-256 encryption algorithm to encrypt your data.

Password Policy

Passwords are salted and hashed, never stored in the clear. This is stored in such a way that it makes the original password permanently irretrievable. We also encourage safer password practices that provide added protection. We never store or log your password in plain text.

Two-Factor Authentication

We support (and encourage) Clarify users to use our two factor authentication feature for additional user account protection.

Security & Privacy Checks

We perform ongoing security and privacy checks to ensure that you and your team members can only see what they are supposed to.

Roles & Permissions

As part of our privacy measures all users within an organization are assigned a role which determines what information is available to them. This provides an added layer of privacy and ensures confidentiality is maintained.

SOC 2 Compliance

At this time Clarify has not yet completed a SOC 2 audit and certification, however from the inception, Clarify been built with adherance to the expectations of compliance with established security policies and procedures.

PCI compliance

We use Stripe as our payment processing provider. Through our integration with Stripe, Clarify falls into the Level 4: SAQ A-EP compliance category. All payment processing is outsourced to Stripe, which is a PCI DSS validated processor. No electronic storage, processing, or transmission of cardholder data occurs on Clarify's systems or premises.

Datacenter security

We use AWS for data storage. AWS maintains several industry-recognized certifications, including ISO, SOC, PCI, and more.

SSL Data Transmission

All browser connections and communications are transmitted over SSL (TLS) and HTTPS, encrypted while ensuring data privacy and integrity. Our SSL certificates are signed with SHA256 using a ECC algorithm.