Security
CLEAP understands that the services provided to you or performed on your behalf involve a great deal of trust on your part. We take this trust very seriously, and make it our highest priority to ensure the security and confidentiality of the data provided to us. The following policy describes our main security practices regarding our infrastructure.
Architecture security is a key priority to us
CLEAP solutions are built with an approach whereby the web frontend, background data processing and database components are split into sections to ensure a strict separation between them. These sections run on a specific private instance per customer, avoiding any multi-tenancy issues. The latest firewalls and security monitoring technology are used on all servers to detect and deal with possible attacks.
The data used by CLEAP is extracted from our customers' core systems and then transferred to the CLEAP platform. Data is processed with Data Quality Rules set by the customers, and any inconsistent or missing data is automatically corrected.
Production data is not regularly accessible by CLEAP personnel; operational processes in production are done by means of continuous delivery and automated deployment, avoiding error-prone and risky manual steps. The development environment is identical to but separate from the production environment and uses only test data. Data is encrypted in transit and at rest wherever possible. Backups are made daily and recovery is possible anytime. Datasets are selectively anonymized as required by GDPR rules, and data is securely disposed of when an instance is decommissioned. The solution provides role-based access control for users, to ensure they only have access to those parts of the data set they need to do their job. User passwords are hashed and
CLEAP is hosted in modern datacenters in Switzerland, where confidentiality, security and quality are of utmost importance because they host data from clients in multiple industries, including banks. The hosting provides a very high degree of connectivity, security and maintenance. The hosting partner is ISO 27001 certified. No servers are present at the CLEAP office location; there is a strict separation between development work (on workstations at the office location) and production work (on servers at the datacenter locations).
Regular penetration tests are performed by reputable firms to obtain a realistic assessment of vulnerabilities in relation to real-life threats; potential issues found are quickly addressed and resolved.
CLEAP reinforces its Data Privacy and Infrastructure Security policies with all employees and sub-contractors, including the hosting partner. Anyone involved in solution development, data processing or maintenance signs a compliance statement and is responsible for its consequences.