Security & Privacy

Your data is yours. We treat it that way.

CleanSmart is built for operators who handle real customer data. Every architectural decision starts from the assumption that your data is sensitive — because it is.

  • AES-256 at Rest: Every dataset encrypted at the field level before it touches disk.
  • TLS 1.2+ in Transit: All data in motion protected by TLS 1.2 or higher — no exceptions.
  • Isolated per Customer: Your data never shares storage, compute, or keys with another customer.
  • Delete Anytime: Cryptographically verified deletion with a downloadable receipt.

Encryption

AES-256 at rest. TLS 1.2+ in transit. No exceptions.

Data is encrypted before it's written to disk using AES-256-GCM. Encryption keys are derived per dataset — not shared across customers — and managed by a dedicated key management service with automatic rotation every 90 days.

All network traffic — between your browser and CleanSmart, between CleanSmart and your connected CRM, and between CleanSmart's internal services — is protected by TLS 1.2 or TLS 1.3. Older protocols are rejected at the load balancer.
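
The transport policy stated here (TLS 1.2 as the floor, TLS 1.3 preferred, older protocols turned away before any data flows) written out as a Go server configuration, together with an in-process check that pins a client to each protocol version and records whether the server accepts it. This is an added example, not CleanSmart's code or load-balancer configuration; the self-signed "localhost" certificate, the net.Pipe transport and the disabled session tickets are assumptions made so the check runs offline in one process.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// ServerTLSConfig encodes the stated policy: TLS 1.2 is the floor, and Go
// negotiates the highest version both sides support, so TLS 1.3 wins when offered.
// Session tickets are off only so the in-memory demo needs no post-handshake reads.
func ServerTLSConfig(cert tls.Certificate) *tls.Config {
	return &tls.Config{
		MinVersion:             tls.VersionTLS12,
		Certificates:           []tls.Certificate{cert},
		SessionTicketsDisabled: true,
	}
}

// selfSignedCert makes a throwaway P-256 certificate for "localhost" so the
// demo runs fully in memory (constructed for this example, not a real cert).
func selfSignedCert() (tls.Certificate, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "localhost"},
		DNSNames:     []string{"localhost"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	parsed, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, parsed, nil
}

// Handshake runs one in-process handshake over net.Pipe: a client pinned to
// exactly clientVersion against a server using ServerTLSConfig. It returns the
// negotiated version, or an error when the server refuses the client.
func Handshake(clientVersion uint16) (uint16, error) {
	cert, parsed, err := selfSignedCert()
	if err != nil {
		return 0, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(parsed) // the client trusts only this demo certificate

	srvConn, cliConn := net.Pipe()
	defer srvConn.Close()
	defer cliConn.Close()
	srvErr := make(chan error, 1)
	go func() { srvErr <- tls.Server(srvConn, ServerTLSConfig(cert)).Handshake() }()

	client := tls.Client(cliConn, &tls.Config{
		ServerName: "localhost",
		RootCAs:    pool,
		MinVersion: clientVersion, // pin the client to a single version
		MaxVersion: clientVersion,
	})
	clientErr := client.Handshake()
	if clientErr != nil {
		cliConn.Close() // let a server still mid-write fail fast instead of blocking
	}
	if err := <-srvErr; err != nil {
		return 0, fmt.Errorf("server refused: %w", err)
	}
	if clientErr != nil {
		return 0, clientErr
	}
	return client.ConnectionState().Version, nil
}

func main() {
	for _, v := range []uint16{tls.VersionTLS10, tls.VersionTLS11, tls.VersionTLS12, tls.VersionTLS13} {
		if got, err := Handshake(v); err != nil {
			fmt.Printf("client pinned to %#04x: %v\n", v, err)
		} else {
			fmt.Printf("client pinned to %#04x: negotiated %#04x\n", v, got)
		}
	}
}
```

Running it shows the TLS 1.0 and 1.1 clients rejected with a protocol-version alert while the 1.2 and 1.3 clients negotiate exactly their own version. The same check against a deployed endpoint is a client pinned the same way (a `tls.Dial` with matching `MinVersion` and `MaxVersion`, or `openssl s_client -tls1_1`), which is a quick way to confirm a "no exceptions" claim rather than take it on trust.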

Encryption Specifications
  Algorithm (at rest): AES-256-GCM
  Key scope: Per-dataset, per-customer
  Key rotation: Every 90 days, automatic
  Protocol (in transit): TLS 1.2 minimum, TLS 1.3 preferred
  Certificate authority: Let's Encrypt (auto-renew)

[Image: Data retention settings]

Isolation

Your data never touches another customer's.

CleanSmart uses a strict per-customer isolation model. Each account gets its own encrypted storage namespace, its own encryption keys, and its own processing context. There is no shared database table, no shared S3 bucket prefix, and no shared queue that could allow data to bleed between accounts.

This is not a multi-tenant architecture with row-level security tacked on. Isolation is architectural, not logical.

  • Separate encrypted storage namespace per customer account
  • Per-customer encryption keys — your keys never decrypt another account's data
  • Processing jobs run in isolated containers that are torn down after each run
  • No shared caches, queues, or in-memory state between accounts
[Image: Customer isolation diagram]

Deletion & Retention

Delete your data anytime. Get a receipt you can verify.

You can delete any dataset, import, or your entire account from the CleanSmart settings at any time. Deletion is permanent and cryptographic — we shred the encryption key, making the data mathematically unrecoverable, even by us.

After every deletion, CleanSmart generates a signed deletion receipt: a timestamped, SHA-256-signed document confirming what was deleted, when, and by whom. You can verify the signature independently.

  • Dataset-level, import-level, and full-account deletion available from settings
  • Key shredding makes data unrecoverable — not just access-revoked
  • Signed deletion receipts downloadable as PDF
  • No retention beyond your configured period (default: 90 days)
  • Data is removed from backups within 30 days of deletion
[Image: Signed deletion receipt]

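
The per-dataset AES-256-GCM keys from the Encryption section and the key-shredding deletion with a signed receipt described just above, worked through end to end in Go: a field is sealed under its dataset's key, the key is destroyed, the ciphertext becomes unopenable, and a receipt is signed and then verified with the public key. This is an added example, not CleanSmart's implementation: the in-memory KeyStore standing in for the key management service, the receipt's JSON fields, the sample dataset and user IDs, and the choice of ECDSA P-256 for the signature (the page names only SHA-256, which is the digest signed here) are all assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// KeyStore stands in for the key management service: one random AES-256 key
// per dataset, never shared between datasets. Constructed for this example.
type KeyStore struct{ keys map[string][]byte }
func NewKeyStore() *KeyStore { return &KeyStore{keys: map[string][]byte{}} }

// Shred deletes the key, leaving any ciphertext on disk or in backups unreadable.
func (ks *KeyStore) Shred(datasetID string) { delete(ks.keys, datasetID) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals one field with AES-256-GCM, creating the dataset key on first use.
// The dataset ID is bound in as additional authenticated data, so a ciphertext
// copied under another dataset will not open. Output layout: nonce || ct || tag.
func (ks *KeyStore) Encrypt(datasetID string, field []byte) ([]byte, error) {
	key, ok := ks.keys[datasetID]
	if !ok {
		key = make([]byte, 32) // fresh 256-bit key from the OS CSPRNG
		if _, err := rand.Read(key); err != nil {
			return nil, err
		}
		ks.keys[datasetID] = key
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // random 96-bit nonce per record
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, field, []byte(datasetID)), nil
}

// Decrypt fails once the key is shredded, and if ciphertext or binding was altered.
func (ks *KeyStore) Decrypt(datasetID string, sealed []byte) ([]byte, error) {
	key, ok := ks.keys[datasetID]
	if !ok {
		return nil, errors.New("key shredded: dataset is unrecoverable")
	}
	gcm, err := newGCM(key)
	if err != nil || len(sealed) < gcm.NonceSize() {
		return nil, errors.New("bad key or truncated ciphertext")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], []byte(datasetID))
}

// NewSigningKey makes the receipt-signing key (ECDSA P-256 is an assumption).
func NewSigningKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// DeleteDataset shreds the key, then returns the receipt (what, when, by whom) and an ECDSA signature over its SHA-256 digest.
func DeleteDataset(ks *KeyStore, signer *ecdsa.PrivateKey, datasetID, actor string) ([]byte, []byte, error) {
	ks.Shred(datasetID)
	body, err := json.Marshal(map[string]string{ // map keys marshal sorted, so the bytes are canonical
		"dataset_id": datasetID, "deleted_at": time.Now().UTC().Format(time.RFC3339), "deleted_by": actor,
	})
	if err != nil {
		return nil, nil, err
	}
	digest := sha256.Sum256(body)
	sig, err := ecdsa.SignASN1(rand.Reader, signer, digest[:])
	return body, sig, err
}

// VerifyReceipt is the customer-side check with the published public key.
func VerifyReceipt(pub *ecdsa.PublicKey, body, sig []byte) bool {
	digest := sha256.Sum256(body)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	ks := NewKeyStore()
	sealed, _ := ks.Encrypt("ds-42", []byte("alice@example.com")) // constructed sample field
	signer, _ := NewSigningKey()
	body, sig, _ := DeleteDataset(ks, signer, "ds-42", "user:7")
	_, err := ks.Decrypt("ds-42", sealed)
	fmt.Printf("after shred: %v\nreceipt: %s\nsignature valid: %v\n", err, body, VerifyReceipt(&signer.PublicKey, body, sig))
}
```

Two points the code makes concrete: crypto-shredding only delivers on the "unrecoverable, even by us" claim if every copy of the key is gone (including key-service backups), since the ciphertext itself is allowed to linger in backups for up to 30 days; and an independently verifiable receipt needs a published public key plus a canonical byte encoding of the receipt body, otherwise the customer cannot reproduce the exact bytes that were signed.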
Data handling posture

How we handle your data by default.

Sensible defaults, not buried settings. These are our baseline behaviors — not things you have to opt into.

We don't train on your data

Your datasets are never used to train CleanSmart's models. Cleaning runs are ephemeral — data is processed and cleared when the job completes.

Automatic data expiry

Datasets expire and are deleted after 90 days by default. You can set a shorter window, extend it, or delete immediately — your call.

No third-party data sharing

Your data is not shared with, sold to, or accessible by any third party. Sub-processors are limited to infrastructure (compute, storage) — no analytics vendors receive your records.

Full audit logs

Every action — import, cleaning run, review decision, export, deletion — is logged with a timestamp and user identity. Logs are retained for 12 months and exportable.

Connector credentials stay local

OAuth tokens and API keys used to connect your CRM are stored encrypted in your account's isolated credential store — never in shared config or environment variables.

Security documentation available

Detailed technical architecture docs, a data processing addendum (DPA), and a sub-processor list are available on request for enterprise procurement reviews.

Data you can clean. Architecture you can trust.

Start your free trial. No credit card, no lock-in, no hand-wavy security claims.
