Trust Center
Everything an enterprise procurement team needs to evaluate Crawlmind without a sales call.
Compliance posture
SOC 2 Type II observation in progress. GDPR, CCPA. ISO 27001 on the 2026 roadmap.
SOC 2 Type II: observation periodSub-processors
Every third party that touches customer data, including data residency and DPAs.
Security practices
Encryption in transit and at rest, application-layer secret encryption, RBAC, SSRF protection, incident response.
Vulnerability disclosure
How to report a security issue. Includes our PGP key and bug-bounty link.
Pen-test summary
Independent external penetration testing; redacted summary available under NDA.
Due-diligence questionnaires
SIG-Lite, CAIQ, VSA. Completed and shared on request via our security team.
System status
Live status, incident history, and SLA evidence at status.crawlmind.ai .
Security contact
Email [email protected] for disclosures, questionnaire access, or compliance questions. Our PGP key is on the vulnerability-disclosure page.