Data Privacy & Compliance
Client Cove is committed to protecting your privacy and meeting the highest compliance standards. We follow industry best practices and maintain certifications that demonstrate our commitment to data protection.
Our Approach to Privacy
Our privacy principles are straightforward:
- Your data is yours — We never sell, share, or monetize your data
- Minimal collection — We only collect data necessary to provide the service
- Transparency — We are clear about what data we collect and why
- Control — You can access, export, or delete your data at any time
- Security by default — All data is encrypted and access-controlled
Compliance Certifications
Client Cove maintains the following certifications and compliance standards:
| Standard | Status | Description |
|---|---|---|
| SOC 2 Type II | Certified | Annual audit of security, availability, and confidentiality controls |
| GDPR | Compliant | European data protection regulation compliance |
| CCPA | Compliant | California Consumer Privacy Act compliance |
| HIPAA | Available | Health data protection (available on Enterprise plans) |
| ISO 27001 | In Progress | Information security management system certification |
GDPR
For users in the European Economic Area (EEA), Client Cove complies fully with the General Data Protection Regulation:
- Data Processing Agreement (DPA) — Available on request for all customers
- Lawful basis — We process data based on legitimate interest and contractual necessity
- Data minimization — We collect only what is needed for the service
- Right to erasure — You can request deletion of your personal data
- Data portability — Export your data in standard formats at any time
- Breach notification — We notify affected users within 72 hours of discovering a breach
Data Residency
Client Cove offers data residency options:
- United States — Default for North American customers
- European Union — Available for EU customers and required for some compliance needs
- Custom regions — Enterprise customers can request specific data residency configurations
Your service provider selects the data region during setup. Contact them if you need to know where your data is stored.
Your Rights
As a Client Cove user, you have the right to:
- Access — Request a copy of all personal data we hold about you
- Correction — Request corrections to inaccurate personal data
- Deletion — Request deletion of your personal data
- Export — Download your data in a machine-readable format
- Object — Object to certain types of data processing
To exercise any of these rights, go to Settings then Privacy or contact your service provider.