How Encryption Works In Clarus
This page provides a high-level overview of how Clarus protects your data with encryption.
Automatic Encryption
All encryption in Clarus is automatic. When you create a document, write content, or receive AI feedback, the data is encrypted before it is stored. You do not need to configure anything or manage keys yourself.
Encryption Standard
Clarus uses AES-256-GCM, an industry-standard encryption algorithm trusted by financial institutions and government organizations worldwide. Every piece of content gets a unique initialization vector, ensuring that even identical text produces different ciphertext.
Key Management
Encryption keys are managed automatically:
- Per-user keys — each user has their own encryption key, created when they sign up
- Per-document keys — each document has its own encryption key, created when the document is created
- Automatic rotation — when you revoke a collaborator's access, the document key is automatically rotated
You never need to see, copy, or manage these keys. They are handled entirely by the platform.
Data Recovery
Your encrypted data is always recoverable as long as you can sign in to your account. Encryption is transparent — you read and write in plaintext, and Clarus handles the encryption and decryption behind the scenes.