Skip to main content
cratersync

[ STATION / DEDICATED ]

Your own isolated stack. On our infrastructure.

Single-tenant Postgres, object storage, and KMS key. We run the operations; you run your compliance review against a dedicated deployment that's yours alone.

Annual contract * three variants * sales-led -- book a discovery call

[ WHAT YOU GET ]

Isolated stack

Your own Postgres instance, object storage, and KMS key. Not a logical tenant in shared infra -- a dedicated deployment we operate separately.

Cryptographic erasure

On contract termination, we destroy the master key. Your data is mathematically unrecoverable -- not a deletion promise, an encryption guarantee.

Right to review

Annual security review by your team or your chosen firm. We provide system access, answer questionnaires, walk through our security model, and remediate findings. 16 hours of review support included on Pro.

Network isolation

Custom subdomain (yourcompany.cratersync.fm) or vanity domain (recordings.yourcompany.com). VPC peering and AWS PrivateLink available on Enterprise.

SSO + DPA

SAML or OIDC against your IdP, no shared identity layer. Dedicated DPA with custom retention and data-residency commitments.

[ THREE VARIANTS ]

Pick the right fit for your environment.

Pricing per variant set during the discovery call. The shape:

[ STANDARD ]

The compliance baseline. Isolated stack, dedicated DPA, white-glove SSO.

  • Isolated Postgres + object storage + KMS key
  • Custom subdomain (*.cratersync.fm)
  • SSO (SAML / OIDC) install
  • 99.5% SLA
  • Cryptographic erasure on termination
  • Audit log export, custom retention
  • Email support, SLA-bound response

[ PRO ]

Your clients see your domain, not ours. Your retention, your paper trail.

  • Everything in Standard
  • Vanity domain (recordings.yourcompany.com)
  • Uptime + response-time SLA negotiated per contract
  • Quarterly security review session
  • Right to review (annual, 16h included)
  • Source escrow -- optional add-on

[ ENTERPRISE ]

For regulated industries: PrivateLink, dedicated CSM, custom SLA terms.

  • Everything in Pro
  • VPC peering / AWS PrivateLink
  • Data-residency commitment
  • Dedicated customer success manager
  • Named on-call escalation contact; response-time SLA negotiated per contract
  • Custom retention + extended review terms

[ ONBOARDING ]

From first call to cutover, in weeks.

  1. Day 0

    Discovery call (30 min)

    Tell us about your compliance environment, expected volume, retention rules, SSO setup. We come back with a written proposal and the variant + price recommendation.

  2. Week 1

    Contract + DPA

    Annual MSA + Data Processing Agreement, customized to your retention / residency / audit terms. Source escrow paperwork if elected.

  3. Week 2

    Provisioning

    We provision your isolated stack. If SSO: we exchange metadata with your IdP. We hand your team connection details to verify before cutover.

  4. Week 3

    Cutover + first sessions

    Your team logs in via SSO. First production sessions recorded against the dedicated stack. We monitor; you produce.

[ AUDIT + COMPLIANCE ]

Built so your compliance team can sign off.

Right to review (Pro / Enterprise): Your team or your chosen security firm runs an annual review against the dedicated stack. We provide system access, answer questionnaires, walk your team through our security model, and remediate critical findings. Pro includes 16 hours of review support per year; Enterprise includes extended hours. Additional time bills at standard consulting rates.

Per-session encryption: Each session gets its own AES-256 DEK, envelope-wrapped against your dedicated master key with AAD bound to your organization id and session id. Cross-tenant unwrap is infeasible by design. On contract termination we destroy the master key, rendering every session in the dedicated stack mathematically unrecoverable.

Source escrow (optional, Pro+): We deposit our source code with a 3rd-party escrow agent (e.g. Iron Mountain). If we go bankrupt, fail to maintain the SLA, or materially breach the contract, the escrow releases the source to you under a perpetual license. The "what if they go bust?" question, answered without us shipping you the code today.

Data residency: Pro and Enterprise variants pin your stack to a specific region (US, EU, UK). The data never leaves. Written into the DPA.

[ STATION READY ]

Ready for a discovery call?

30 minutes. Tell us about your environment, your compliance constraints, and what you're recording. We come back with a specific variant recommendation and a written proposal.

Book a discovery call