# Security & Data Privacy Cleric uses **read-only access** to your environment, guaranteed by RBAC or access scopes supported by each system. Cleric does not make changes to customer infrastructure but may propose them. All remediation actions are performed by your team. You control what Cleric can access across Observability (logs, metrics), Infrastructure (Kubernetes, cloud providers), Code, and Documentation. Cleric is SOC 2 Type II certified. The report, as well as our policies, pentest reports, and security program details are available in our [Trust Center](https://trust.cleric.ai). Annual penetration tests are performed by external security firms; the most recent was completed Q3 2025. ## Data Access ### What Cleric Can Access Minimum access required for investigation: * **Logs & Metrics**: Infrastructure and application logs and time-series telemetry via observability APIs ([Datadog](/integrations/supported-integrations.md#datadog), [Prometheus](/integrations/supported-integrations.md#prometheus), etc.) * **Kubernetes Metadata**: Read-only commands (`get pod`, `describe pod`, `get events`) * **Alert Metadata**: Content from alerting systems ([PagerDuty](/integrations/supported-integrations.md#pagerduty), [Grafana](/integrations/supported-integrations.md#grafana)) * **Source Code**: Optional, can be scoped to single repository * **Documentation**: Optional, from [Atlassian](/integrations/supported-integrations.md#atlassian-confluence--jira) or [GitHub](/integrations/supported-integrations.md#github) Avoid exposing unnecessary personal data to Cleric. If you find personal data in Cleric investigations, contact us via or your dedicated Slack Connect channel to filter or disable specific data sources. ### Data Storage and Retention Cleric stores investigation data: queries executed, reasoning traces, and responses delivered to your team. Your data (e.g. logs, metrics, traces, code) is queried at runtime and not persisted by Cleric. * **System logs**: 30 days * **Application logs**: 120 days (configurable per customer requirements) * **On-demand deletion**: Request in writing, processed within 2 business days with confirmation ## Model & Inference Privacy ### No Model-Training Risk * Your data is **never** used to train or fine-tune models * Enterprise LLM APIs include contractual zero-data-training and zero-data-retention guarantees * All AI agent actions are logged and auditable ### Where Models Run * LLM providers: Anthropic, Google Gemini, and OpenAI * Model calls route from your isolated Cleric instance to provider enterprise API endpoints ## Platform Security Cleric is a **single-tenant SaaS solution** with complete isolation between customers. ### Architecture & Isolation * **Dedicated Infrastructure** * Isolated compute with network boundaries per customer * Dedicated instance (frontend and backend) * Dedicated PostgreSQL database per customer (not publicly accessible) * Customer-specific domain (`.app.cleric.ai`) * Data encrypted at rest using AES-256 * **Hosting** * GCP `us-east4` by default, alternative regions on request * **Infrastructure as Code** * 100% Terraform-managed infrastructure * All changes subject to automated CI/CD checks and security scans * No direct production server access via SSH or similar protocols ### Network Security & Egress * **Encryption in Transit** * TLS 1.2 or higher for all external connections * Internal service-to-service communication encrypted * Managed certificates * **Static Egress IP** * Dedicated static egress IP per instance for allowlisting * **Compromise Detection** * Monitors infrastructure for suspicious activity (privilege escalation, secret changes, IaC bypasses) * Centralized alerts reviewed by security on-call ### Internal Access Controls * Only Engineering team members have production access * Multi-factor authentication (MFA) required for all production systems * User access reviews performed at least annually ### Availability & Recovery * **Recovery objectives**: RTO and RPO under 5 minutes for API, database, authentication, and web UI * **Database backups**: Automated daily backups with point-in-time recovery. Seven daily backups retained, encrypted, and stored in multi-region location * **High availability**: Multi-zone GKE clusters with automatic pod rescheduling. Cloud SQL PostgreSQL with 99.95% availability SLA ### Security Monitoring & Incident Response * **Automated Security Scanning** * Semgrep for static code analysis * Grype for dependency and container image vulnerability scanning * Checkov for infrastructure-as-code misconfiguration detection * gitleaks for secret detection * GitHub Dependabot for dependency vulnerabilities * Oneleet for cloud security monitoring * Vulnerability remediation SLA: High/Critical within 7 days * **Incident Response** * Security incidents escalated to * Customer notification within 24 hours for critical incidents affecting customer data * Post-incident review within 5 business days for medium to critical incidents ## Contact * **General inquiries**: * **Security incidents**: --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cleric.ai/security/security-data-privacy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.