Governance

Compliance basics

Framework alignment depends on how and where you deploy. Use this page as a starting checklist with your legal and infra teams.

PDPL-ready*

Planning

DPA

By contract

SOC path*

Roadmap

Rolling

Last reviewed

Data protection

Map personal data flows between CRM entities, users, and integrations in your tenant.
Define retention and deletion procedures consistent with your policies and jurisdiction.

Multi-tenant SaaS operators should document cross-border transfers and subprocessors.
Regulated industries may require additional controls — cover them in your enterprise agreement.

Request questionnaires, architecture reviews, or penetration-test summaries through your sales or security contact.
Operational evidence (logs, change management) stays under your administrative control when self-hosted.