Security and Compliance
Built to protect your data, meet industry standards, and keep you compliant.
At Cradl AI, security is a top priority. We work with organizations that have strict security and compliance requirements, and we believe transparency is essential to earning and maintaining our customers’ trust.
This page provides a high-level overview of how customer data is collected, processed, transmitted, and stored when using Cradl AI.
Application Security
Cradl AI is hosted on Amazon Web Services (AWS), allowing us to leverage AWS’s industry-leading physical security, redundancy, scalability, and key management capabilities. Our infrastructure is cloud-native, and we use managed AWS services wherever possible to reduce operational complexity and minimize the attack surface of software managed by Cradl AI.
Application Security
Cradl AI is hosted on Amazon Web Services (AWS), allowing us to leverage AWS’s industry-leading physical security, redundancy, scalability, and key management capabilities. Our infrastructure is cloud-native, and we use managed AWS services wherever possible to reduce operational complexity and minimize the attack surface of software managed by Cradl AI.
Application Security
Cradl AI is hosted on Amazon Web Services (AWS), allowing us to leverage AWS’s industry-leading physical security, redundancy, scalability, and key management capabilities. Our infrastructure is cloud-native, and we use managed AWS services wherever possible to reduce operational complexity and minimize the attack surface of software managed by Cradl AI.
Encryption and Data Protection
All data in transit, including inter-VPC communication, is encrypted using TLS. Data at rest is encrypted using AES-256 in GCM mode, in accordance with AWS best practices. Encryption keys are managed using AWS Key Management Service (KMS), with unique encryption keys per account. All TLS certificates are managed through AWS Certificate Manager (ACM).
Encryption and Data Protection
All data in transit, including inter-VPC communication, is encrypted using TLS. Data at rest is encrypted using AES-256 in GCM mode, in accordance with AWS best practices. Encryption keys are managed using AWS Key Management Service (KMS), with unique encryption keys per account. All TLS certificates are managed through AWS Certificate Manager (ACM).
Encryption and Data Protection
All data in transit, including inter-VPC communication, is encrypted using TLS. Data at rest is encrypted using AES-256 in GCM mode, in accordance with AWS best practices. Encryption keys are managed using AWS Key Management Service (KMS), with unique encryption keys per account. All TLS certificates are managed through AWS Certificate Manager (ACM).
Customer Control of Data
Customers define how long documents submitted to Cradl AI are retained using configurable data retention policies. Documents are automatically deleted once the retention period expires.
Customer Control of Data
Customers define how long documents submitted to Cradl AI are retained using configurable data retention policies. Documents are automatically deleted once the retention period expires.
Customer Control of Data
Customers define how long documents submitted to Cradl AI are retained using configurable data retention policies. Documents are automatically deleted once the retention period expires.
Third-Party Sub-Processors
Cradl AI uses a limited number of third-party service providers for infrastructure, analytics, payments, and transactional emails.
Third-Party Sub-Processors
Cradl AI uses a limited number of third-party service providers for infrastructure, analytics, payments, and transactional emails.
Third-Party Sub-Processors
Cradl AI uses a limited number of third-party service providers for infrastructure, analytics, payments, and transactional emails.
Service Availability and Resilience
Cradl AI is deployed across multiple AWS availability zones and is continuously monitored to detect and respond to failures. We use Amazon API Gateway’s built-in DDoS protection and request throttling to prevent abuse. Automated health checks are run continuously, and unhealthy instances are automatically replaced. Our service commitments are governed by our Service Level Agreement (SLA).
Service Availability and Resilience
Cradl AI is deployed across multiple AWS availability zones and is continuously monitored to detect and respond to failures. We use Amazon API Gateway’s built-in DDoS protection and request throttling to prevent abuse. Automated health checks are run continuously, and unhealthy instances are automatically replaced. Our service commitments are governed by our Service Level Agreement (SLA).
Service Availability and Resilience
Cradl AI is deployed across multiple AWS availability zones and is continuously monitored to detect and respond to failures. We use Amazon API Gateway’s built-in DDoS protection and request throttling to prevent abuse. Automated health checks are run continuously, and unhealthy instances are automatically replaced. Our service commitments are governed by our Service Level Agreement (SLA).
Vulnerability Management and Security Testing
Cradl AI undergoes regular security testing, including external security assessments. We also leverage AWS security services such as CloudTrail, WAF, GuardDuty, as well as dependency scanning tools like Snyk to detect vulnerabilities and security risks. While we continuously work to maintain a high level of security, no system is completely immune to vulnerabilities. If you believe you have discovered a security issue, we encourage responsible disclosure so we can investigate and remediate it promptly.
Vulnerability Management and Security Testing
Cradl AI undergoes regular security testing, including external security assessments. We also leverage AWS security services such as CloudTrail, WAF, GuardDuty, as well as dependency scanning tools like Snyk to detect vulnerabilities and security risks. While we continuously work to maintain a high level of security, no system is completely immune to vulnerabilities. If you believe you have discovered a security issue, we encourage responsible disclosure so we can investigate and remediate it promptly.
Vulnerability Management and Security Testing
Cradl AI undergoes regular security testing, including external security assessments. We also leverage AWS security services such as CloudTrail, WAF, GuardDuty, as well as dependency scanning tools like Snyk to detect vulnerabilities and security risks. While we continuously work to maintain a high level of security, no system is completely immune to vulnerabilities. If you believe you have discovered a security issue, we encourage responsible disclosure so we can investigate and remediate it promptly.
Internal Security Practices
Security at Cradl AI extends beyond our application and infrastructure. We maintain internal security policies covering access control, incident management, and operational security. Details of internal physical security and employee procedures are not disclosed publicly.
Internal Security Practices
Security at Cradl AI extends beyond our application and infrastructure. We maintain internal security policies covering access control, incident management, and operational security. Details of internal physical security and employee procedures are not disclosed publicly.
Internal Security Practices
Security at Cradl AI extends beyond our application and infrastructure. We maintain internal security policies covering access control, incident management, and operational security. Details of internal physical security and employee procedures are not disclosed publicly.
Identity and Access Management
Employees have unique accounts for all business-critical systems. Multi-factor authentication is enforced wherever possible, and access is granted strictly according to the principle of least privilege.
Identity and Access Management
Employees have unique accounts for all business-critical systems. Multi-factor authentication is enforced wherever possible, and access is granted strictly according to the principle of least privilege.
Identity and Access Management
Employees have unique accounts for all business-critical systems. Multi-factor authentication is enforced wherever possible, and access is granted strictly according to the principle of least privilege.
Employee Access to Production Systems
Cradl AI follows the principle of immutable infrastructure. Developers do not have direct access to production environments or customer data stores.
Employee Access to Production Systems
Cradl AI follows the principle of immutable infrastructure. Developers do not have direct access to production environments or customer data stores.
Employee Access to Production Systems
Cradl AI follows the principle of immutable infrastructure. Developers do not have direct access to production environments or customer data stores.
Employee Security
All Cradl AI employees are based in Europe (Norway). Employee laptops use full-disk encryption, and additional security precautions are taken when traveling to higher-risk regions.
Employee Security
All Cradl AI employees are based in Europe (Norway). Employee laptops use full-disk encryption, and additional security precautions are taken when traveling to higher-risk regions.
Employee Security
All Cradl AI employees are based in Europe (Norway). Employee laptops use full-disk encryption, and additional security precautions are taken when traveling to higher-risk regions.
Couldn't find something? Message us
Couldn't find something? Message us
Version
Last Updated