Security & Data Protection
Clarity Decision Room (CDR) is built on enterprise-grade infrastructure designed to support structured decision governance across organizations. We intentionally limit scope to reduce regulatory exposure and maintain a focused, secure architecture.
Infrastructure & Hosting
CDR is built entirely on Zoho Creator infrastructure. Zoho maintains industry certifications including SOC 2 Type 2 and ISO 27001-family standards.
- AES-256 encryption at rest
- TLS 1.2/1.3 encryption in transit
- Redundant data centers and failover systems
- Continuous infrastructure monitoring
Data Ownership
Customers retain ownership of all Customer Data. CMG processes data solely to operate, maintain, and support the platform.
We do not sell Customer Data and do not use Customer Data to train generalized AI models.
Data Classification & Intended Use
CDR is designed for operational, governance, and execution tracking data. It is not designed to store regulated data.
- No Protected Health Information (PHI)
- No FERPA-protected student records
- No payment card or financial account data
- No government-issued identification numbers
Customers are responsible for ensuring prohibited data is not uploaded.
Access Controls
- Role-based access control (RBAC)
- Application-level permissions
- Least-privilege configuration
- MFA available via Zoho accounts
Enterprise Documentation
A Data Processing Addendum (DPA), Security Addendum, and Subprocessor Disclosure are available upon written request.
Security inquiries: security@claritymetricsgroup.com