Security at ClovaLink
Your data security is our top priority. Learn how we protect your information at every level.
End-to-End Encryption
All files are encrypted before they leave your device and can only be decrypted by authorized recipients. This means that even we cannot access your data.
- AES-256 encryption for all stored data
- TLS 1.3 for all data in transit
- Client-side encryption for maximum privacy
Access Controls
Granular permissions ensure that only authorized users can access your files, with detailed activity tracking for all actions.
- Role-based access control (RBAC)
- Time-limited access links
- Password-protected sharing
Compliance & Certifications
ClovaLink is designed to help you meet regulatory requirements and industry standards.
GDPR Compliant
Our platform is fully compliant with the General Data Protection Regulation, ensuring your data is handled according to EU standards.
HIPAA Ready
ClovaLink can be used as part of a HIPAA-compliant workflow for healthcare organizations handling protected health information.
SOC 2 Aligned
Our security practices align with SOC 2 principles for security, availability, processing integrity, confidentiality, and privacy.
Security Practices
Regular Security Audits
We conduct regular security audits and penetration testing to identify and address potential vulnerabilities.
Open Source Transparency
Our open-source approach means that our code is publicly available for review, ensuring transparency and community-driven security improvements.
Responsible Disclosure Program
We welcome security researchers to responsibly disclose any vulnerabilities they discover, and we commit to addressing them promptly.