SECURITY
The most secure thing we do is leave your data alone.
Klaritics is self-hosted by design and warehouse-native by architecture. There is no Klaritics cloud, no vendor data lake, and no outbound data path. Your raw events never leave your warehouse, and your aggregated results never leave your environment.
self-hosted
deployment model by default
0 export
of raw events to vendor cloud
air-gapped
support for high-security environments
auditable
query and access behavior
Compliance and security posture
Klaritics is designed for teams that need strict data residency and clear trust boundaries. These frameworks represent common deployment requirements.
SOC 2 Type II
ISO 27001
GDPR
HIPAA-ready
CCPA
Our architectural advantage
Klaritics keeps trust boundaries explicit: analytics execution stays in your environment, and optional licensing traffic never carries customer event payloads.
Most product analytics tools require shipping every event to vendor infrastructure. Klaritics runs inside your perimeter instead, with only optional license validation traffic outside your network.
What runs in YOUR environment
- The entire Klaritics application
- All raw and aggregated query data
- All user accounts, dashboards, and configuration
- All audit logs and telemetry
- The query engine, the UI, the API, every component
What runs in OURS
- The license validation endpoint (configurable; air-gapped deployments skip it entirely)
- Optional: anonymous, opt-in usage telemetry (off by default; can be permanently disabled)
- That's it.
Compliance posture by deployment model
Pick the deployment footprint that matches your regulatory profile. Klaritics supports a progressive path from standard cloud controls to fully isolated environments.
| Deployment | Suitable for |
|---|---|
| Public cloud Kubernetes | SOC 2, ISO 27001, GDPR, CCPA |
| Private cloud / VPC | HIPAA, PCI-DSS |
| On-premises | Above + financial services compliance |
| Air-gapped (Enterprise) | Defense, intelligence, sovereign cloud, FedRAMP-friendly |
Need security documentation for internal review?
We can share architecture details, deployment guidance, and security posture documents to support technical diligence and procurement workflows.