SOC 2 Type II certified · GDPR compliant
Your data, your control
Every feature is built with security as a constraint, not an afterthought. Ensure data stays protected with fine-grained permissions and enforceable multi-factor authentication.
Federated sign-on
Plug Conduit into Okta, Entra ID, Google Workspace, or any SAML 2.0 provider. Your team signs in with credentials they already manage, no standalone passwords, no shadow accounts to clean up later.
Permissions that match your org
Model your actual hierarchy, rep territories, account ownership, approval chains, object-level visibility. Fine-grained RBAC means an SDR can't send a master-tier quote and an intern can't approve an RMA credit.
Directory sync with SCIM
Onboard and offboard through your identity provider. When a rep leaves, their access to pricing, customer records, and draft queues evaporates the same minute HR flips the switch — no leftover seats, no tickets to file.
Complete activity trail
Every draft edited, quote sent, pricing override, and integration call is timestamped, attributed, and exportable. When an auditor asks what happened to Order #48210, you answer with a JSON export — not a screenshot tour.
Your corpus stays yours
Conduit doesn't train foundation models on your customer data — not ours, not the underlying providers we use. Prompts and retrievals are processed in-session, scoped to your tenant, and never contribute to shared model weights.
Encrypted end to end
AES-256 at rest, TLS 1.3 in transit. Tenant data is logically isolated, secrets live in a managed KMS with rotation on a schedule you can see, and ERP credentials sit inside a secure enclave — out of application memory and out of model context.
Compliance
Procurement-ready from day one.
Conduit is built against the certifications and frameworks your security team already has a questionnaire for, so the review moves quickly and the rollout doesn't stall on paperwork.
SOC 2 Type II
Independently audited every year for security, availability, and confidentiality. The latest report is available under MNDA through our Trust Center.
GDPR
EU data protections covered end-to-end: data processing agreements, subprocessor disclosure, right-to-erasure workflows, and breach notification SLAs we actually hit.
CCPA
California privacy rights honored by default. Opt-outs, data access requests, and deletion flows are exposed through an API your legal team can test and audit.
Frequently asked questions
Do you train AI models on our inventory or customer data?
No. Your data is never used to train our models or any third-party models, and we operate under zero-retention agreements with all model providers in our stack.
Do you support SSO and SCIM provisioning?
How are our ERP and CRM credentials protected?
Will you sign a Data Processing Agreement (DPA)?
© 2026 Conduit Commerce. All rights reserved.
Solutions
Products