Isolation by default
Per-tenant separation at compute and data layers, with BYOK encryption.
How Closora collects, uses, and protects your information across our products and website.
Our commitments
This document explains how Closora handles your information when you use our products and website. We design for least-privilege access, tenant isolation, and auditability by default.
We process account information, finance documents and ERP data you connect, and product usage telemetry. Customer financial data is isolated per tenant and, where elected, encrypted with your own keys (BYOK).
We do not use customer financial data to train shared models except with explicit opt-in.
To provide the service, run agents and verifiers, generate audit trails, and support you. Aggregate, de-identified telemetry helps us improve reliability.
We share data only with subprocessors necessary to deliver the service, under contract, and never sell personal information.
SOC 2 Type II controls, encryption in transit and at rest, per-tenant isolation, immutable audit logging, and annual penetration testing with a public bug-bounty program.
You may access, correct, export, or delete your information subject to legal retention obligations. Contact us to exercise these rights.
We retain data for the life of your contract and a limited period thereafter for legal and audit purposes, then delete or de-identify it.
Where data crosses borders, we rely on appropriate safeguards such as Standard Contractual Clauses and regional data residency options.
We may update this document and will post the revised version with a new effective date.
For questions, email legal@tryclosora.com or write to Closora Ltd., San Francisco, CA.
Last updated 2026. This document is a template for demonstration and is not legal advice.
Per-tenant separation at compute and data layers, with BYOK encryption.
Every agent action is recorded in an immutable, append-only trail.
Policy gates decide where agents act and where humans sign off.
| Provider | Purpose | Region |
|---|---|---|
| Cloud infrastructure | Compute & storage | US / EU |
| Model serving | Accelerated inference | US / EU |
| Email delivery | Transactional email | US |
| Analytics | De-identified telemetry | US |
Default region for SaaS customers.
EU residency with SCCs and GDPR alignment.
VPC / BYOC and air-gapped options for full control.
Request a copy of the information we hold about you.
Update inaccurate or incomplete information.
Request deletion, subject to legal retention obligations.
See how Closora keeps your finance data secure and auditable.