Security at CargoScan
Security is built into our pre-entry validation workflow—from authentication and encryption to role-based access, auditability, and data retention.
At a glance
A simple, defense-in-depth approach: least-privilege access, encryption in transit and at rest, and clear data controls.
Secure by default
Tenant-scoped data with role-based policies and query-time RLS.
Modern encryption
TLS for data in transit; managed, encrypted storage at rest.
Least privilege
Narrowly scoped service roles and environment-bound keys.
No model training
We don’t use your data to train models. It stays in your workspace.
Deletion & portability
Delete uploads and results, or export issues as CSV/JSON anytime.
Auditable access
Logged access and restricted credentials limit exposure.
How we protect your data
Three layers cover the essentials—access, storage, and lifecycle—without extra ceremony.
Authentication & access
- httpOnly sessions with server-side checks
- Row-level security on every read/write
- Least-privilege service roles
- SSO/SAML available on Enterprise
Storage & encryption
- TLS for client ↔ server and service ↔ service
- Encrypted databases and object storage
- Scoped credentials; access is logged
Data handling
- Upload CSV/JSON over TLS
- Export machine-readable issue lists
- Delete uploads and results; retention kept minimal
Compliance & documents
We follow secure engineering practices and can share standard artifacts on request—security overview, DPA, and business continuity details.
Security FAQs
Straight answers to the common questions.
Do you use my data to train models?
No. Your files and results are not used to train models and remain isolated to your account.
Where is data stored?
With managed providers in encrypted storage. Region options are available on request.
Can I permanently delete data?
Yes. Deleting uploads and results removes them from application and underlying storage.
Do you store payment card details?
No. Payments are processed by Stripe; we never store card numbers or full PANs.
Questions or security reports?
Reach our team for disclosures or request a security overview. We’re happy to help.