Trust Center

Everything an enterprise procurement team needs to evaluate Crawlmind without a sales call.

Compliance posture

SOC 2 Type II observation in progress. GDPR, CCPA. ISO 27001 on the 2026 roadmap.

SOC 2 Type II: observation period

Sub-processors

Every third party that touches customer data, including data residency and DPAs.

Security practices

Encryption at rest, key rotation, BYOK, access control, incident response.

Vulnerability disclosure

How to report a security issue. Includes our PGP key and bug-bounty link.

Pen-test summary

Latest quarterly external test summary, redacted for public release.

Due-diligence questionnaires

SIG-Lite, CAIQ, VSA-Full. Light gating; delivered immediately.

System status

Live status, incident history, and SLA evidence at status.crawlmind.ai .

Security contact

Email [email protected] for disclosures, questionnaire access, or compliance questions. Our PGP key is on the vulnerability-disclosure page.