Trust & Security
Automotive teams trust Carfluence with sensitive dealership and inventory data. Protecting it is foundational to everything we build.
Our controls are aligned to the SOC 2 Trust Services Criteria across security, availability, and confidentiality.
Data is encrypted in transit with TLS 1.2+ and encrypted at rest using industry-standard AES-256.
Least-privilege access, role-based permissions, and scoped API keys govern who can reach your data.
Services run on hardened, monitored infrastructure with network isolation and regular patching.
Continuous monitoring, audit logging, and alerting help us detect and respond to anomalies quickly.
Third-party providers are assessed for security posture before they process any customer data.
Your data belongs to you. You can access and export your data through the platform and APIs at any time, and request deletion in accordance with our Privacy Policy.
We welcome reports from the security community. If you believe you have found a vulnerability in a Carfluence product, please report it to us privately so we can investigate and remediate before any public disclosure.
For SOC 2 reports, security questionnaires, or a copy of our data processing terms, please reach out to our team through the contact page.