ClearStaffSecurity and privacy by design
Staff compliance data is sensitive. We treat it that way.
Australian cloud hosting
All customer data is stored in Australian AWS regions. We do not send staff data offshore.
Private document storage
Documents are stored in private S3 storage. There are no public file URLs. All access requires authentication and uses short-lived signed URLs.
Access logging
Every document view, download and sensitive action is recorded in an append-only audit log. Logs cannot be edited or deleted.
Tenant isolation
Each organisation's data is strictly separated. No query can access another organisation's records. We test tenant isolation on every release.
Role-based access
Owner, Manager/Admin and Staff roles control what each user can see and do. Staff can only view their own profile and documents.