Security

Security controls and operational reliability

CleverCat applies practical controls to protect customer data and keep service operations stable.

SOC 2 report available?

No public SOC 2 report is published on this site today.

We are continuing to mature our security and operational controls. Formal attestation may be pursued in the future, but there is no report available today.

DPA available for download?

A public DPA review draft is available at /dpa, but no approved execution copy is published for download today.

Send signature or redline requests through support. The /dpa page is the current standard-form review draft and offers print-to-PDF export for internal review; it is not the executed signature copy.

How is data retention handled?

Portal-scoped app records are retained for app operation and support review until they are updated, deleted, or offboarded.

Current repo docs also show that OAuth state records are pruned after 10 minutes and ops events after 30 days, and that backup retention can preserve deleted portal rows for up to 30 days.

How are incidents communicated?

Service updates are posted on /status, and portal-specific follow-up continues through the support mailbox.

Status and uptime reporting now distinguish service degradation from status-feed failures, so buyers can tell which layer is failing.

What are support hours?

Monday-Friday, 9:00 AM to 5:00 PM America/Los_Angeles.

Email-first via support@clevercat.app. Coverage is limited on weekends and US holidays.

What are the response targets?

General support first response target: within 1 business day.

Production-blocking issues with no viable workaround are prioritized with a first response target of within 4 business hours during support hours. Docs, pricing, and low-severity questions target a first response within 2 business days.

Transport security

  • Traffic to our site and app is encrypted in transit using TLS.
  • Production endpoints are not intended for plaintext access.

Least privilege and access controls

  • Scope requests are app-specific and limited to shipped behavior. See DupliCat scopes, PressKit scopes, and TabCalendar scopes.
  • OAuth installs use anti-forgery safeguards during authorization.
  • OAuth tokens are scoped per customer account and protected in storage.

Data handling

  • We collect and store only data needed for supported app behavior and support operations.
  • In OAuth mode, OAuth token data is encrypted at rest.
  • DupliCat clone operations process CRM record data entirely in server memory. Property values are never written to disk, cached, queued, or included in logs. After the clone response completes, all in-memory CRM data is discarded. DupliCat does not provide a separate per-run customer-facing audit trail. CleverCat retains minimal operation records for support and operational review. Clone operation records store only record IDs, object type, status, and configuration flags. Those records exclude property names and property values. For record-level verification, use HubSpot property history and the record activity timeline. See Privacy for the full clone data lifecycle.
  • App boundaries and current constraints are published at DupliCat limitations, PressKit limitations, and TabCalendar limitations.

High-level data flow

  1. HubSpot admins install an app and authorize OAuth scopes for supported behavior.
  2. Runtime requests execute within account-scoped app services.
  3. CleverCat stores minimal portal-scoped operational metadata needed for app behavior and support.
  4. Health, status, and trust surfaces publish service signals and operating disclosures on this site.

For app-specific scope and boundary details, use app docs plus privacy and subprocessors.

Monitoring and service signals

  • Service signals are published on the status page and uptime monitor.
  • App-specific limitations and operational boundaries are documented in each app's docs.
  • For production-impacting issues, use the P1 intake path on Support.
  • DPA review and signature requests use the public DPA draft plus the support mailbox for execution handling.

Operational logs and retention posture

  • Active prune windows currently documented in the repo: OAuth state records after 10 minutes, and ops-event records after 30 days.
  • Portal-scoped app records are otherwise retained until settings change, data is offboarded, or manual cleanup runs.
  • Current DupliCat runbooks describe daily backups with 30-day retention, so deleted portal rows can remain recoverable from backups until that window expires.
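As an added illustration of the anti-forgery safeguard listed under least privilege and of the prune windows above (example code, not CleverCat's own), this Python sketch makes OAuth state random, single-use and expiring with the 10-minute window, and reuses the same TTL store for the 30-day ops-event window; binding state to an installer session id is an assumption.

```python
import secrets
import time
from datetime import timedelta

# Added example, not CleverCat's code; the two windows are the ones the page states.
OAUTH_STATE_TTL = int(timedelta(minutes=10).total_seconds())
OPS_EVENT_TTL = int(timedelta(days=30).total_seconds())


class TtlStore:
    """In-memory key/value store; prune() drops entries older than a fixed TTL."""
    def __init__(self, ttl_seconds, now=time.time):
        self.ttl = ttl_seconds
        self._now = now      # injectable clock so expiry is testable
        self._items = {}     # key -> (value, inserted_at)

    def put(self, key, value):
        self._items[key] = (value, self._now())

    def pop(self, key):
        # Remove and return the value; None if missing or older than the TTL.
        entry = self._items.pop(key, None)
        if entry is None:
            return None
        value, inserted_at = entry
        return None if self._now() - inserted_at > self.ttl else value

    def prune(self):
        cutoff = self._now() - self.ttl
        expired = [k for k, (_, t) in self._items.items() if t < cutoff]
        for k in expired:
            del self._items[k]
        return len(expired)      # number of records dropped, for ops logging


class OAuthStateGuard:
    """Install-flow anti-forgery: the state value is random, single-use, expires
    with the 10-minute window, and is bound to the installer's session (assumed id)."""
    def __init__(self, now=time.time):
        self._states = TtlStore(OAUTH_STATE_TTL, now)

    def issue(self, session_id):
        state = secrets.token_urlsafe(32)    # unguessable; sent in the authorize URL
        self._states.put(state, session_id)
        return state

    def verify(self, state, session_id):
        # pop() makes the state single-use even when the check fails.
        bound = self._states.pop(state)
        return bound is not None and secrets.compare_digest(bound, session_id)
```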

App-level security references

Backup and restore

  • HubSpot is the system of record for customer CRM data. CleverCat does not maintain independent customer CRM payload backups.
  • We back up and version the operational assets required for service recovery, including source code, deployment configuration, and runbooks.
  • Service restoration follows validated recovery procedures and checks for key customer flows.
  • Because customer CRM data is not backed up by CleverCat, CRM record restoration is performed in HubSpot, not from CleverCat backups.

Vulnerability disclosure path

Report security concerns to support@clevercat.app with subject line: Security Report. Include impact, reproduction steps, and any relevant logs or screenshots.

For production-impacting security incidents, include account context and current workaround status in the first message.