The CRM your CISO, GC, and CIO will sign off on.
Claritas is the unified customer platform engineered for enterprise IT requirements: SOC 2 Type II, ISO 27001, PDPA, GDPR. Single tenancy and data residency available on request. Penetration tested annually.
Enterprise security as the default — not the upgrade.
Every Claritas deployment ships with the controls below included. No security paywall. No "Enterprise+" bundle for the basics every modern CRM should have.
AES-256 at rest. TLS 1.3 in transit. Per-tenant encryption keys on enterprise. Bring your own KMS via AWS / Azure.
Shared multi-tenant by default. Single-tenant Postgres + dedicated app instance for enterprise contracts. ap-southeast-1 / eu-west / your region.
Every read, write, delete, and admin action logged. 7-year retention. SIEM-ready exports (Splunk, Datadog, Sumo).
Choose your region: Malaysia (PDPA), Singapore, EU (GDPR), US, or your private cloud. Data never leaves the region you pick.
External red team engagement every 12 months. Latest report available under NDA. CVE-style disclosure for any finding above CVSS 4.0.
On-call security engineering. RPO ≤ 1h, RTO ≤ 4h on enterprise. Status page + customer notification within 30 min of any P1.
Marketing. Sales. Service. One platform of record.
Audiences drawn from a unified record. Every send measured against the customer's full journey, not the campaign's window.
Read the briefPipeline as discipline. Forecasts you can defend in any board meeting. AI-assisted, never AI-replaced.
Read the briefResolution as the only metric that holds. Every ticket, customer, and history in one elegant timeline.
Read the briefProcurement-ready, on day one.
| Requirement | Availability | Included | Notes |
|---|---|---|---|
| SOC 2 Type II report | Available on request | Provided in 24h under NDA | |
| ISO 27001:2022 certificate | Available | Latest issued Jan 2026 | |
| DPA (Data Processing Addendum) | Standard | Pre-signed, our paper or yours | |
| MSA (Master Services Agreement) | Standard or bespoke | 60-day legal cycle typical | |
| Single tenancy | Enterprise tier | Dedicated DB + app, ap-southeast-1 | |
| Data residency selection | Enterprise tier | MY · SG · EU · US · private cloud | |
| Self-hosted deployment | Enterprise tier | On-prem, VPC, or air-gapped | |
| SAML SSO + SCIM provisioning | All tiers | Okta · Azure AD · OneLogin · Google | |
| Custom audit log retention | Up to 7 years | SIEM exports included | |
| 24/7 P1 support with SLA | Enterprise tier | 1-hour response, 4-hour resolution |
Transparent. Predictable. Audit-ready.
- SOC 2 + ISO 27001
- SAML SSO
- Audit logs (1yr)
- Email support
- Everything in Growth
- SCIM provisioning
- Audit logs (3yr)
- Priority support · 4h SLA
- Single tenancy + residency
- Self-host option
- Audit logs (7yr) + SIEM
- 24/7 P1 + dedicated CSM
Procurement-ready. On day one.
Download the trust pack, send your security questionnaire, or talk to enterprise sales. Most procurements close in 60 days.