Security & Trust Center

At ShareCRM, we safeguard the data of 6,000+ enterprises worldwide with end-to-end protection, independent audits, and a security team you can reach anytime.

Security & Trust Center

99.9%

Uptime SLA

99.99%

Data durability

5min

RPO · Incremental backup

4

AWS global regions

Compliance & Certifications

SOC 2 Type II

Audit & assurance

ISO 27001

Information security

ISO 27701

Privacy

ISO 42001

AI governance

ISO 9001

Quality

ISO 20000-1

IT service

Additional regional compliance:
Aligned with 50+ data protection laws worldwide, including GDPR, CCPA, and LGPD.

Shared Responsibility Model

01

Security ON the Cloud

Your team: Manage users, roles, MFA, and SSO. Configure IP allowlists, classify data, and govern device access.

02

Security IN the Cloud

ShareCRM: Application security, tenant isolation, encryption, network defense (DDoS / WAF / NIDS), DevSecOps, and AI governance.

03

Security OF the Cloud

AWS: Physical data centers, compute and storage hardware, virtualization, network backbone, and IAM foundations.

Defense in depth at every layer

Encryption

TLS 1.2 / 1.3 in transit. AES-256 at rest with a dedicated key management system. Field-level encryption for sensitive data.

Tenant Isolation

Logical isolation by default. Dedicated database deployment with file-level encryption available for stricter isolation needs.

Access Control

Fine-grained RBAC with field-level permissions. Full audit trail for every data change.

Network Defense

DDoS protection, intelligent WAF, and network intrusion detection (NIDS) at the system boundary, built on AWS.

Secure SDLC

SAST and DAST throughout the development lifecycle. Code audits for every change. Annual third-party penetration testing.

Vulnerability Management

Continuous scanning with SAST, DAST, and CVE dependency checks. Critical issues resolved within the same week.

Backup & Recovery

Daily full backups plus continuous 5-min incremental. Multi-AZ replication across availability zones with automatic failover.

Privacy & DSR

GDPR-aligned with a dedicated DPO. Access, rectification, portability, and erasure rights fully supported.

Trusted AI for the enterprise

All LLM connections enforce contractual Zero Data Retention

We don't train on your data

Every LLM provider we integrate with contractually guarantees zero data retention. Your inputs and outputs are never used to train any model.

Sensitive data never leaks

Sensitive fields are masked before any data reaches an LLM. What we send is what is needed, nothing more.

Every AI action is logged

Each AI session is logged with full request and response data, so you can audit exactly what happened, when, and why.

Regional routing by default

Tenants stay in their region. EU routes through Frankfurt, APAC through Hong Kong and Singapore, North America through US Bedrock. Sovereignty enforced at the platform layer.

Frequently Asked Questions

ShareCRM runs on AWS across four global regions: North America, Frankfurt, Hong Kong, and Singapore. Your data is hosted in the region tied to your contracting entity to meet local data residency requirements. Each region runs as an independent high-availability environment with Multi-AZ redundancy.

Data is encrypted in transit using TLS 1.2 / 1.3, and at rest using AES-256 managed through a dedicated key management system. Sensitive fields such as login credentials and personally identifiable information receive additional field-level encryption.

No. Every LLM provider we integrate with, including AWS Bedrock, Anthropic, Google Cloud, and Azure OpenAI, contractually guarantees zero data retention. Sensitive fields are masked before any data reaches a model, and each tenant AI session context is fully isolated. Your data is never used to train any model.

ShareCRM holds SOC 2 Type II, ISO 27001 for information security, ISO 27701 for privacy, ISO 42001 for AI governance, ISO 9001 for quality management, and ISO 20000-1 for IT service management.

By default, tenant data is stored in shared databases with logical isolation. Every record carries an encrypted tenant identifier, and access is enforced at the application layer through metadata-driven path resolution. For higher assurance, enterprises can choose dedicated database deployment with file-level transparent data encryption for physical isolation from other tenants.

Each database receives daily full backups and incremental backups every five minutes. Data is replicated across multiple availability zones with automatic failover, and our infrastructure is designed for enterprise-grade ten-nine data durability.

ShareCRM is GDPR-aligned and operates a standardized data subject rights process. We support access and portability through machine-readable export, correction, and deletion. After contract termination, your data enters a 30-day buffer period and is then securely destroyed across production and backup environments.