Trust Center
Security, privacy, and procurement documents
Everything a buyer, security reviewer, or enterprise procurement team needs — in one place. No sales call required to access any of these documents.
Important: Cerbi does not provide legal advice and does not certify DORA, GDPR, CCPA/CPRA, HIPAA, SOC 2, or other regulatory compliance. CerbiShield provides logging governance evidence that can support audit preparation and control review.
Overview
Security overview
CerbiShield deploys inside your Azure subscription. CerbiStream runs inside your application process. Cerbi does not receive raw log data. All governance decisions — field masking, violation detection, rule enforcement — happen on your infrastructure.
Privacy and cookies
Cerbi processes minimal personal data to operate cerbi.io. Analytics are only loaded after explicit cookie consent. Full details in the Privacy Policy and Cookie Policy documents below.
Subprocessors
The subprocessors list is publicly available and updated when processors change. CerbiShield in-tenant deployments run in your infrastructure and do not route data through Cerbi-managed systems.
DPA availability
A Data Processing Agreement is available on request at legal@cerbi.io. It covers EU SCCs, UK IDTA, and Swiss SCCs for controller/processor engagements.
Deployment model
CerbiShield deploys into the customer's Azure subscription via Azure Marketplace. No Cerbi data plane exists between the customer's logs and the governance control plane. AWS and GCP are on the roadmap.
Data handling model
CerbiShield receives governance metadata, violation evidence, scoring, profile version, service name, environment, and remediation context. Raw sensitive values are redacted or blocked in-process before any evidence is emitted.
Azure Marketplace buying guide
CerbiShield is available through Microsoft Azure Marketplace as a tenant-deployed SaaS application. Purchasing and deployment happen entirely through your Azure subscription — no separate Cerbi billing account is required.
- →Your Azure admin or a user with Owner/Contributor permissions initiates the purchase.
- →Marketplace billing runs through your Azure invoice — no separate credit card required.
- →Private Marketplace policies may restrict third-party purchases; confirm with your Azure admin.
- →CerbiShield deploys into your Azure tenant after purchase is complete.
- →Your data never transits Cerbi infrastructure.
Documents & policies
Support and contact
Security questionnaires, DPA requests, architecture reviews, and procurement questions — reach out at legal@cerbi.io or hello@cerbi.io.
