CITRICLOUD — Building Digital Experiences

CITRICLOUD

Trust Center

Security, privacy, and operational transparency in one place — built for builders and procurement alike.

Secure lock representing platform trust

Trust you can verify

Controls, policies, and status — not marketing slogans.

CITRICLOUD ships with SOC2-minded defaults: identity at the edge, TLS everywhere, isolated tenant workloads, and reviewable GitOps changes.

This Trust Center collects the documents and contact paths customers use during security reviews, renewals, and onboarding.

Pillars

What trust means here

Four continuous commitments — documented, operable, and owned by the platform team.

Security controls

Identity, edge protections, tenant isolation, and GitOps change integrity documented for procurement and engineering reviews.

Privacy posture

EU-minded hosting defaults, clear retention practices, and a Privacy Policy that maps to how the platform actually runs.

Availability

Public status, incident communication paths, and operational runbooks so customers know what “up” means.

Compliance readiness

SOC2-minded control inventory, questionnaire support, and architecture reviews for Scale and enterprise buyers.

Infrastructure and production systems

Operable by design

If it cannot be observed, rolled back, or explained, it is not finished.

Trust is not a PDF. It is how changes land in production, how identity gates sensitive surfaces, and how we tell you when something breaks.

FAQ

Where is data hosted?

We aim to host core platform workloads in the EU. Enterprise agreements can document residency expectations for your workloads.

Do you support SSO and 2FA?

Yes — Authelia 2FA for operators and Keycloak federation patterns for tenant identity. Enterprise plans add SSO depth and dedicated review.

How do we run a security questionnaire?

Send it via Contact or admin@citricloud.com with subject Security. We map questions to platform controls and share relevant artifacts.

How are incidents communicated?

Status page updates for platform incidents, plus direct customer communication for impact that affects your tenants.

Need a deeper review?

Send questionnaires or schedule an architecture walkthrough with our team.

Contact trustSecurity