How we protect your data
Cleverer is built for organisations that need confidence in how compliance data is handled. Security is not just something we talk about. It is part of how the platform is operated, maintained, and protected day to day.
At a glance
Security is part of the service, not an afterthought.
Cleverer handles information that matters to businesses, including account details, organisation information, compliance activity, reporting records, and certificate-related data. That means the platform has to be operated with care, discipline, and practical controls that reduce risk.
Built for trust-sensitive use
Cleverer is designed for organisations that handle sensitive information and need confidence that their compliance platform is being operated responsibly, not treated like a lightweight marketing site.
Practical, defensible controls
Our focus is on sensible, maintainable protections that support secure operation, reduce avoidable exposure, and align with the broader idea of reasonable steps.
Information we protect
The type of information handled by Cleverer depends on how an organisation uses the platform, but typically includes account, team, compliance, and certificate-related information.
User details
Names, email addresses, roles, and related account information.
Organisation details
Business and billing-related account information relevant to the service.
Compliance records
Assignments, progress, certifications, reporting data, and related evidence records.
Payment information handling
Payments are processed through Stripe, a dedicated payment provider. Cleverer does not store full card details directly, which helps reduce risk and ensures payment information is handled by systems designed specifically for that purpose.
How Cleverer is protected
We use a combination of infrastructure, access, operational, and monitoring controls to help protect the platform and the information it holds.
Isolated infrastructure
Cleverer is hosted on isolated virtual infrastructure in Australia rather than general low-cost shared hosting, helping reduce unnecessary exposure and improve control over the environment.
Hardened environment
The platform runs on a security-conscious hosting stack with practical hardening measures, controlled configuration, and an approach focused on stability and risk reduction.
Encryption
Data is protected in transit and at rest using appropriate encryption and security controls designed to help protect customer information.
Role-based access
Access to data and administration functions is controlled according to role and operational need, helping limit unnecessary access.
Audit logging
Platform activity and key actions are logged to support oversight, accountability, troubleshooting, and operational traceability.
Backups and resilience
Backups form part of our operating approach to help support resilience, continuity, and recovery where needed.
Patching and maintenance
We apply ongoing maintenance, updates, and patching as part of keeping the platform stable and reducing avoidable security risk.
Vulnerability management
We perform vulnerability scanning and ongoing review as part of our security and maintenance practices.
Secure service operations
The platform is operated with an emphasis on practical security, controlled access, and responsible handling of customer information.
Payment security
Cleverer uses Stripe for payment processing. That means payment card handling is managed by a specialist payment provider rather than being stored directly in the Cleverer platform.
What this means in practice
Cleverer does not store full card details on the platform. Using a dedicated payment provider helps reduce direct card-data handling exposure while supporting secure subscription billing.
Aligned to practical privacy and compliance expectations
Cleverer is built for Australian businesses and is operated with privacy, accountability, and evidence in mind. Our approach is intended to support practical expectations around protecting information and maintaining responsible operational controls.
Privacy Act 1988
Cleverer is operated in an Australian context, with privacy and information handling practices designed to support responsible business use.
APP 11
Our operating approach is consistent with the idea of taking reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access.
Notifiable Data Breaches
Security and privacy are treated as ongoing operational responsibilities, not just marketing statements or one-off setup tasks.
Relevant to broader security and governance expectations
Cleverer is not presented as a replacement for a full security program or formal certification pathway. However, the platform is designed in a way that supports broader governance, visibility, and evidence needs relevant to recognised frameworks and business expectations.
SMB1001
Supports people, evidence, and oversight elements relevant to SMB cyber compliance expectations.
Essential Eight
Relevant as part of a broader compliance and security posture, particularly around governance and behaviour.
ISO 27001
Supports broader governance and evidence expectations that may sit alongside an organisation’s wider security program.
APRA CPS 234
Relevant to organisations that need stronger visibility, accountability, and evidence in support of operational oversight.
Security is an ongoing practice
No online system can promise absolute security. What matters is whether security is taken seriously, operated responsibly, reviewed continuously, and supported by sensible controls. That is the approach we take with Cleverer.
Our position
Cleverer is built around a practical principle: reasonable steps, consistently applied, clearly managed, and supported by evidence.
Questions about security or data handling?
If your business needs more clarity on how Cleverer handles platform security, privacy, and compliance-related information, contact us and we will point you in the right direction.
