Trust Center · April 2026

A sealed gateway between your work environment and Gr33t.

Core protection principle: Gr33t does not access the client's work environment. Data is retrieved through an extractor hosted and operated by the client. The extractor accepts no incoming connections — making it easier to secure. Data transmitted to Gr33t is pseudonymized through hashing and salting, with a key known only to the client.

CyberVadis 832/1000 EU hosting GDPR compliant

Simplified architecture diagram: the extractor, hosted in the client's IaaS, retrieves data from Microsoft Graph (Microsoft 365) and Azure Vault. It transmits pseudonymized data (hashed and salted, with a key known only to the client) to the Gr33t database. Users access the Gr33t interface via SSO. All flows are encrypted with TLS 1.3. — Simplified architecture — the extractor, operated by the client, accepts no incoming connections.