How Clarix handles your data.
Clarix protects your client data with US-only hosting, end-to-end encryption, and a verifiable audit trail of every action.
US-only hosting
Stored and processed in US-only infrastructure. No cross-border transfers, no foreign-operator access.
Encryption everywhere
TLS 1.3 in transit, AES-256 at rest, with KMS-managed keys rotated on a published schedule.
No static service keys
Short-lived, scoped tokens for every service account. No static keys, ever.
Full audit trail
Every read, write, and decision logged with timestamp, actor, and confidence score.
Per-tenant infrastructure
Each client runs in their own isolated AWS environment, database, and deployment. Cross-tenant data exposure is blocked at the database layer, not by application logic.
In-house oversight
Your team reviews flagged work in your own isolated environment. You own every exception, and the agents learn from each correction.
SOC 2 Type 1.
Audit planned. Target attestation: H1 2027.
Security sits underneath every action a Clarix agent takes. Subprocessor list, incident response playbook, audit log retention, and vendor questionnaires live in our trust center.
Procurement questions: security@clarixpartners.com