CloudRaker Trust Center

Trust facts for RakerOne deployments.

Security reviews need plain facts, not borrowed badges. This page explains how RakerOne separates AI reasoning from system execution, where customer data can run, which vendors may process data, and what review materials are available.

Execution boundary

Reasoning is not execution

Models propose intents. Customer-scoped services validate, authorize, execute, and audit the approved action.

Deployment choice

Residency is selected by order

Quebec, Canada-only, broader Canadian, USA, and EU hosting patterns are mapped before deployment.

Current list

Sub-processors are listed

Infrastructure, identity, edge, storage, and model providers are documented below and updated as the stack changes.

Review posture

What security teams can evaluate today.

CloudRaker can support diligence with architecture detail, contractual controls, residency choices, and the current sub-processor schedule. Third-party certifications are listed only when there is a customer-shareable report.

Product control

Execution boundary

RakerOne separates model reasoning from writes to customer systems. Policy, validation, authorization, and audit happen outside the model.

Contractual

Data processing terms

The DPA schedule covers authorized sub-processors, residency commitments, model-provider routing, and customer-specific amendments.

By order

Residency planning

Deployment regions are selected in the order and mapped to the infrastructure providers needed for that region.

Controlled routing

Model-provider use

Foundation model traffic is routed to approved providers and regions according to the applicable order and provider API terms.

Not advertised today

Third-party audit reports

CloudRaker does not list third-party audit reports on this trust center today. If a customer-shareable report becomes available, this page will name the request path.

Deployment review

Regulated workflows

Healthcare, financial, legal, and public-sector deployments are reviewed against the customer order, required controls, and applicable data handling terms.

Resources

Useful paths for vendor review.

Some materials are shared during contracting or under NDA. Public facts stay available here so security teams can start with the same baseline.

DPA and processing schedule

Request the contracting schedule for sub-processors, residency commitments, model-provider routing, and customer-specific amendments.

Request

Security review walkthrough

Book time to review the execution boundary, credential separation, audit trail, and deployment topology with the CloudRaker team.

Book

Authorized sub-processors

View the current processing list for infrastructure, identity, edge, storage, and model providers used by RakerOne.

View

Security questionnaire support

Send procurement, privacy, or vendor-risk questions for written answers tied to the planned deployment.

Send

Authorized Sub-processors

Current sub-processor list.

Last updated: June 24, 2026

Customer authorizes CloudRaker to appoint the sub-processors listed below. CloudRaker updates this list from time to time and makes the current list available at cloudraker.com/legal/subprocessors.

Entity name Product or service Location of processing Purpose of processing
Google Cloud Platform (Google LLC) Cloud Infrastructure Canada (northamerica-northeast1/2) / USA / EU (per region selected in Order) Hosting, compute, managed database, object storage, audit log storage
OVH SAS (OVHcloud) Cloud Infrastructure (Canada) Canada - Beauharnois, Quebec (BHS region) Alternate Canadian-resident hosting and storage; default for Customers electing Quebec / Canada-only data residency
Cloudflare, Inc. Edge Platform - Workers, R2, D1, AI Processing at the data centre closest to the End User; storage regions selected by CloudRaker; logs stored in USA / Canada / EU Edge compute, object storage, serverless SQL database, AI inference, CDN, DDoS protection, WAF, and bot management
WorkOS, Inc. Identity Provider Bridge USA SSO (SAML 2.0, OIDC), SCIM 2.0 provisioning, directory sync
Anthropic, PBC Foundation Model Inference USA Generative model inference for agent intents (Claude family models). No training on Customer data per Anthropic API terms.
OpenAI, L.L.C. Foundation Model Inference USA Generative model inference for agent intents (GPT family models). No training on Customer data per OpenAI API terms.
Microsoft Azure Azure OpenAI Services Canada Regionalized inference provider when Canada region is required. Generative model inference for agent intents; no training on Customer data per OpenAI API terms.
Google LLC (Gemini API) Foundation Model Inference Canada / USA / EU (per region) Generative model inference for agent intents (Gemini family models). No training on Customer data per Gemini API terms.

1 Customer data residency is selected in the applicable Order. Quebec / Canada-only residency uses OVHcloud in Beauharnois, Quebec and/or Google Cloud Platform in northamerica-northeast1. Broader Canadian, USA, or EU residency uses Google Cloud Platform in the corresponding region.

2 Cloudflare Workers, R2, D1, and Workers AI run on Cloudflare edge infrastructure. Storage regions for R2 and D1 are configured by CloudRaker to match the Order residency configuration.

3 Foundation model providers process inference inputs and outputs in their respective regions. CloudRaker selects providers and routes traffic in line with the Order residency configuration.

4 Customer-specific sub-processors required by a deployment, including a Customer-mandated foundation model provider, are added by amendment to the applicable schedule.

FAQs

Common diligence questions.

Do you publish third-party audit reports?

Not on this trust center today. CloudRaker will not list a certification until there is a current customer-shareable report and a clear request path.

Where is customer data processed?

The applicable order selects the residency region. Quebec, Canada-only, broader Canadian, USA, and EU deployments are mapped to the corresponding infrastructure providers before deployment.

Are model providers part of the sub-processor list?

Yes. When a foundation model provider may process customer data for inference, it is listed as a sub-processor and routed according to the applicable order.

How is AI execution controlled?

The model does not receive general write credentials. It proposes intents; customer-scoped services apply authorization, validation, policy, and audit controls before anything is executed.

Review areas

Controls reviewed before launch.

These are the areas CloudRaker can walk through with security, privacy, procurement, and implementation teams before RakerOne goes into production.

Release and rollback

  • Production changes are reviewed before release
  • Development, staging, and production are separated
  • Rollback paths are maintained for release risk

Identity and admin access

  • Unique user accounts
  • SSO and directory sync through WorkOS where configured
  • Least-privilege administrative access

Data handling

  • Encryption in transit
  • Customer data handling governed by contract
  • Data retention and disposal handled by customer requirement or policy

Vendor and residency

  • Sub-processor list maintained
  • Residency and provider routing mapped to the applicable order
  • Customer-specific vendors added by amendment

Incident handling

  • Security events tracked to resolution
  • Customer notice handled under contract
  • Post-incident review for confirmed incidents

Edge and audit logs

  • Cloudflare edge protections available where deployed
  • Regional storage configuration for data residency
  • Audit logs retained according to deployment requirements