Skip to content
Back to Blog Security at Customaite
Expert story

Security at Customaite: Your trust, our priority

We know how critical it is to protect the sensitive logistics data you trust us with. Your confidential information is secure with us.

Alex Wauters
Alex Wauters

Mar 11, 2025

At Customaite, protecting your sensitive logistics data is our top priority. We’re proud to report that our latest penetration test found no high or critical risks, reinforcing our commitment to strong security measures. From ISO 27001 certification to secure development practices, we continuously safeguard your data. Read on to see how we keep your information secure and compliant.


 

Your trust, our priority

At Customaite, we know how critical it is to protect the sensitive logistics data you trust us with. Your confidential information—from pricing details on invoices to customer contacts—is secure with us.

We’re therefore pleased to report that our latest penetration test has concluded successfully, with no findings of high or critical impact. A formal attestation letter from our external security experts is available upon request.

Penetration tests are performed by security professionals, where they attempt to gain access to resources they shouldn't be able to, or analyse where the application might disclose clues that could be used by hackers. We perform these tests regularly to validate our continuous internal efforts to improve our security posture.

This post will dive a bit deeper into specific measures we take to safeguard your information, and why they matter.

Built secure from the start: Our Threat Modelling approach

Good information security practices start at the very beginning, when designing new features or projects.

Each new project undergoes a standardised security review. If new integrations or additional data collection are involved, senior engineers perform a detailed security design analysis, documenting potential threats and aligning on mitigation strategies before development starts.

We document new potential threats with techniques such as threat modelling, and align on our mitigation approach for these threats.

I've previously written about threat modelling in more detail in this blog post, highlighting how it fosters a proactive security mindset across all our teams.

 

Data minimisation and processing practices

Less data means less risk. Before development begins, we rigorously assess data requirements to ensure your sensitive information is never collected, stored, or shared unless explicitly necessary.

We never collect or retain data longer than required, and by processing exclusively on EU-based servers, we ensure full compliance with GDPR and other European data protection regulations. Data is also never provided to subprocessors unless explicitly required.

Secure development practices

Our secure development practices ensure your data remains protected throughout the entire lifecycle of our product.

Our developers undergo mandatory training on key security risks, including those outlined in the OWASP Top 10 vulnerabilities. During development, we apply code reviews and static code analysis. We track the risks and licences of any open-source dependencies that we include with Snyk.

Our infrastructure is regularly updated following strict guidelines, and updates replace the previous components entirely.

ISO 27001 Certification

Our ISO 27001 certification demonstrates Customaite’s commitment to best practices, assuring you that your information is protected across critical areas such as access control, asset management, cryptography, physical security, operational security, and incident response.

This certification provides you with confidence that our Information Security Management System (ISMS) meets stringent criteria and that our security measures undergo regular independent audits.

This certificate also proves that we have demonstrated to auditors that our team understands these policies and we can demonstrate evidence of the continuous security measurements mentioned earlier.

Securing our supply chain

Our commitment to security extends beyond our own operations. All third-party vendors and subprocessors undergo a rigorous vetting process, including comprehensive legal and security checks.

Our Data Processing Agreements (DPAs) are carefully tailored to each vendor relationship, ensuring that your data remains protected throughout our entire supply chain.

In conclusion

We hope this article clarified any questions you may have on how we perform information security at Customaite. We also provide answers to security controls in the ‘CAIQ template’ on this page: https://www.customaite.ai/security. For customers with specific compliance requirements, we're happy to provide our security certificates, penetration testing attestations, or schedule a detailed security review call with our team.

Partner with Customaite and experience logistics document processing that’s secure, compliant, and designed to protect your business.

Book a demo today

Don’t wait until your competitors have left you behind. Experience the power of AI-driven logistics firsthand. Book a demo with our team

It’s as simple as booking a demo at the bottom of this page.

And let me know if that 1 hour of your precious time was well spent?

Alex Wauters

Alex Wauters is the CTO of Customaite, driving the development of AI-powered customs solutions that enhance efficiency while ensuring security and compliance. With expertise in machine learning, cloud infrastructure, and cybersecurity, he’s committed to building secure, scalable, and human-assisted AI systems for global trade.

MatejPlaninic

Get in touch with Matej

Want to see how Customaite works with your documents and how it fits in your company? Fill in the form below and discover how Customaite will make your life easier.

More Insights

Security at Customaite: Your trust, our priority
Expert story

Security at Customaite: Your trust, our priority

We know how critical it is to protect the sensitive logistics data you trust us with. Your confidential information is secure with us.

The 'AI devide' in logistics
Expert story

The 'AI devide' in logistics

AI is revolutionizing logistics, creating an unbridgeable gap between those who adapt and those who fall behind

Blame the AI
Expert story

Blame the AI

Explore how our high expectations of AI influence its effectiveness in business, and learn to view AI as a valuable tool rather than a scap...