TRUST CENTER

Security controls, privacy operations and deployment transparency.

OpsKey CRM provides application-level safeguards and operational controls. Hosting, backup, legal and assurance requirements are finalised according to the selected deployment model.

Identity & Access

Password hashing, email verification, optional authenticator MFA, invitation-based access, session revocation and role controls.

Tenant Separation

Workspace-scoped records, restricted internal routes and controlled customer-facing portal access.

Private Files

Private storage path, allowlisted file types, upload limits, optional ClamAV scanning and download logging.

Auditability

Audit logs, security-event records, download logs, incident register and CSV audit export.

Privacy Operations

Public privacy-request submission and operator-side request register for access, correction, deletion and closure workflows.

Continuity Records

Retention profile, deployment model, data-region record, incident register and backup verification register.

ASSURANCE ROADMAP

Formal assurance claims require written evidence.

These topics can be included in enterprise or public-sector onboarding plans. They are not presented as completed certifications or guarantees unless separate evidence is supplied.

ISO/IEC 27001 CertificationNot claimed

Certification can be pursued through an authorised certification body as a later-stage programme.

SOC 2 AttestationNot claimed

A SOC 2 report can be considered when enterprise buyer requirements justify the external examination.

Independent Penetration TestExternal assessment required

Arrange a scoped third-party test before publishing any penetration-tested statement.

Availability SLAContract-specific

Monitoring supports evidence gathering. A binding uptime commitment must be defined in a signed agreement.

Government ProcurementBuyer-specific review

Security questionnaires, deployment scope and procurement documents are prepared according to each buyer's requirements.

Partner & Certification LogosWritten authorisation required

Official marks are displayed only when the applicable approval, report or brand authorisation is available.

Responsible positioning: OpsKey CRM does not claim ISO 27001 certification, SOC 2 attestation, government approval, bank-grade security, independent penetration-test completion or a guaranteed uptime percentage unless separate written evidence and applicable agreements are available.