CPA firms trust Cranston with client books, tax documents, and firm workflows. That only works if the boundaries are explicit. Here they are.
Nothing your firm does in Cranston trains the AI models it runs on. Client documents, ledgers, and the workflows you build stay your firm’s edge, not anyone else’s.
Every firm’s data is isolated. The skills, processes, and client records you build inside Cranston are never pooled with, or visible to, other firms.
All data is encrypted with AES-256 at rest and TLS in transit. Point-in-time backups protect against loss without weakening the perimeter.
Nothing posts to a client ledger or leaves for filing unless your firm allows it. Every number is source-linked, so reviewers can audit the trail from output back to document.
Our SOC 2 audit is in progress with an independent auditor. We publish status honestly: until the report is issued, we say “in progress,” not “certified.” If your firm needs details for a vendor review, email hello@cranston.ai and we'll walk through our current controls and timeline.