Clearskies connects AI to revenue context without creating a shadow access layer. Permissions, security logging, and source-level controls follow your existing data rules.
Clearskies is built by Scratchpad, and our shared Scratchpad Trust Center covers Clearskies security materials. Customers and qualified prospects can request access to SOC 2 Type II documentation, security monitoring, system status, and supporting diligence materials.
Clearskies is SOC 2 Type II compliant. Customers and qualified prospects can request access through the Trust Center, along with additional security documentation needed for procurement or vendor risk review.
Our data practices are aligned with GDPR and CCPA. A Data Processing Addendum (DPA) is available for customers who require it — view DPA.
For questions that are not covered in the Trust Center, contact security@clearskies.cc.
Customer data is encrypted in transit and at rest, including the data Clearskies uses to build and serve revenue context.
AI workflows inherit the permissions and source-level controls already present in the systems Clearskies connects to.
Governed workflows need visibility. Clearskies is designed so security-relevant access and activity can be reviewed as part of diligence.
Each customer's revenue context graph is logically isolated. No customer can access another's data or context.
Clearskies production infrastructure is hosted on AWS in US regions. All data is encrypted in transit (TLS 1.2+) and at rest.
Clearskies does not develop or train AI models. Customer data is used to build and serve a governed revenue context layer for authorized workflows, not to train AI models.
Clearskies gives AI the context required for approved revenue workflows without asking every AI client to connect directly to every business system.
Claude, ChatGPT, internal agents, and other tools can use the same governed context layer, reducing drift across tools, users, and prompts.
Model-provider handling, retention, and customer-data questions can be reviewed through the Trust Center or directly with the Clearskies security team.
SOC 2 Type II report and supporting security documentation
Real-time security monitoring and system status
Subprocessor and vendor risk information
Additional artifacts for vendor questionnaires and procurement review
Security teams can request additional documentation, ask about customer data handling, or route vendor risk questions to security@clearskies.cc.
| Company | Scratchpad, Inc. (operates Clearskies) |
|---|---|
| Certification | SOC 2 Type II |
| Audit period | April 16, 2025 - April 15, 2026 |
| Auditor | Linford & Co LLP |
| Infrastructure | AWS (US-based) |
| Compliance | GDPR-aligned, CCPA-aligned |
| Customer data training | No - Clearskies does not develop or train AI models, and customer data is not used to train AI models. |
| Data isolation | Logically isolated per customer |
| Data deletion | Within 90 days of valid request |
| Documentation | trust.scratchpad.com (NDA required) |
| Subprocessors | scratchpad.com/subprocessors |
| DPA | scratchpad.com/legal/data-processing-addendum |
| Security contact | security@clearskies.cc |