Security and compliance

At Cradl, security is a top priority. Cradl is used by companies with high requirements to security and compliance such as government agencies and financial institutions, and in order to earn our customers' trust we believe that transparency on how your customer data is being collected, transported and stored.

You Control Your Own Data

A user defined retention policy is used to determine how long documents submitted to the API is stored before it is automatically deleted. The purpose of the data storage is to 1) to process the document for the user and 2) to improving the user's machine learning models continuously. Cradl uses AWS's built-in lifecycle rules, hooks and timers to ensure that documents are stored in accordance with retention policy specified by the user.

When uploading documents to Cradl, the user may optionally provide a consent ID which can be used to identify the origin of the document. A given consent can be revoked through Cradl's APIs which will trigger an automatic deletion of all documents with the given consent ID. For users who process documents with Cradl on behalf of other end-users, the consent ID can be used to implement right of access and right to be forgotten in accordance with the requirements of the General Data Protection Regulation 2016/679 (GDPR). In this case, Cradl recommends that a hash of the end users's ID is used as consent ID.

The user may at any given time delete individual or all documents through the Cradl APIs.

Questions regarding security?

Can’t find the answer you’re looking for? Please chat to our friendly team.

Contact Us

Try for free today

We’ll help get you started with your document automation journey. 
Schedule a free demo with our team today!

Get a demo Get started