At Chkk, we take a privacy-first approach to data protection, ensuring that customer data is safeguarded throughout its lifecycle. Our philosophy is simple: collect only what is necessary, protect it at all costs, and provide transparency and control to our customers.

Data Collection & Minimization

We design our platform to minimize the data we collect. Chkk primarily analyzes metadata and configurations from Kubernetes environments—not customer application data. Our in-cluster connector gathers only essential information, such as cluster version details, configuration settings, and security events. By limiting data collection, we reduce risk and simplify compliance obligations.

Encryption in Transit & At Rest

All data transmitted between customer environments and Chkk is encrypted using TLS 1.2+, ensuring end-to-end protection in transit. Data at rest is safeguarded with AES-256 encryption, applied across databases, file storage, and backups. Encryption keys are managed using strict security controls, including regular key rotation and storage in secure Key Management Services (KMS).

Access Controls & Isolation

We enforce least privilege access across our platform, ensuring that only authorized users and services can access sensitive data. Role-based access control (RBAC) and multi-factor authentication (MFA) protect administrative access. Our multi-tenant architecture ensures complete logical separation of customer data, preventing any unauthorized cross-tenant access.

Data Retention & Deletion

Customer data is retained only as long as necessary to deliver our services. We maintain defined retention policies, automatically purging outdated or unnecessary data. Upon customer request or contract termination, all associated data is securely deleted using cryptographic erasure techniques to ensure that no residual information remains.

Customer Control & Transparency

We empower customers with full visibility into their data usage and provide mechanisms to support data subject rights requests under privacy regulations like GDPR and CCPA. Customers can access, export, and delete their data as needed, ensuring compliance with evolving privacy expectations.

Through these rigorous protections, Chkk ensures that customer data remains secure, private, and fully under your control.

For more details, visit the Chkk Trust Center to access FAQs, Security Documentation, Compliance Certificates, Penetration Testing reports, and other security resources.

Was this page helpful?