Security at ClawPine
Data Handling
ClawPine processes compliance-sensitive data, including PII detection results, audit logs, and policy configurations. All PII is automatically stripped from agent inputs and outputs before it reaches LLM providers. Audit logs are immutable and stored with cryptographic integrity verification.
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API keys and credentials are stored using industry-standard secret management.
Infrastructure
ClawPine is hosted on European infrastructure. Application containers are isolated per deployment. There is no shared tenancy between customers.
Access Control
PII stripping rules are configured per agent and enforced at the proxy layer before data leaves your infrastructure. Audit logs are append-only and accessible only to compliance admins. Policy configurations require two-person approval for changes on Enterprise plans.
Compliance Roadmap
- SOC 2 Type I — targeting Q3 2026
- GDPR — compliant by design (EU hosting, data minimization, right to deletion)
- HIPAA — BAA available on Enterprise plan
- SOC 2 Type II — targeting Q1 2027
Responsible Disclosure
Found a vulnerability? Email security@clawpine.com. We respond within 48 hours.
Questions
For security inquiries, contact security@clawpine.com.