Best would be if you or someone from Clay would get on a call with the customer. Here are the questions:
1. Which data is being collected?
2. Provide details on where the collected data is stored, specifying the region (Europe preferred) and whether it is encrypted.
3. Backup policy - What is the backup settings policy? (daily/hourly/ full/ incremental etc). For how long data is stored? Where is the data stored?
4. Do you support Google SAML authentication?
5. Who will have access to our tenant/data and why? UI & backend, need a list of employees and whether we can limit the access?
6. Do you comply with GDPR?
7. Provide latest PT report
8. Provide SOC2 report
9. Provide ISO27001 Certification
