Trust

Security at a glance.

Customs data is regulatory data. Here's how we handle yours: the people who can see it, the encryption around it, the vendors who touch it, and the trail it leaves.

Authentication

How we know it's you.

  • Email-verified accounts

    Sign-up requires a 6-digit code sent to your work email. Account isn't usable until verified.

  • Password hashing

    bcrypt with cost 12. We never store, log, or transmit raw passwords. Reset flows time-bound, single-use.

  • Session security

    HTTP-only, secure, SameSite=Lax session cookies. Sessions invalidate on password change. Server-side session store.

  • Brute-force protection

    Per-account rate limits on login attempts. Suspicious activity flagged in the audit log and emailed to admins.

Authorization

Four roles. Same data, different permissions.

Roles are assigned at invite time. Owners and admins can change roles for any member. Invites are email-verified with a 6-digit code; access can be suspended in one click.

  • Owner

    Everything Admin can do, plus billing, integrations, and the ability to delete the team. Every team has at least one owner.

  • Admin

    Invite + manage users. Configure templates. Toggle AI features per-team. View the audit log.

  • Operator

    Create, edit, submit filings. Use AI Coach + pre-flight. Reply to CBP rejections. Cannot manage users or billing.

  • Viewer

    Read-only access. Export PDFs. Subscribe to notifications. View score history. Cannot edit anything.

Data

Where it lives, how it's protected.

  • Encryption in transit

    TLS 1.2+ on every endpoint. HSTS preload. Certificate pinning on critical API paths.

  • Encryption at rest

    AES-256 disk encryption on the Postgres primary and all replicas. Backups encrypted with separate keys.

  • Data residency

    All customer data stays in the US. Postgres + object storage hosted in AWS us-east-1 with backups to us-west-2.

  • Backups & DR

    Continuous WAL streaming + nightly full backups, 30-day retention. Quarterly restore drills documented.

Vendors

The third parties we use.

Full transparency. Every external service we send your data to, what data they see, and where it goes.

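  • CustomsCity

    Purpose: ABI gateway
    Data they see: Filing data, party data, MBOL
    Where it goes: US

  • OpenAI (gpt-4o)

    Purpose: AI Coach + pre-flight + HTS classifier
    Data they see: Filing data + CBP response only
    Where it goes: US (zero-retention API tier)

  • Stripe

    Purpose: Billing
    Data they see: Email, plan, invoice events
    Where it goes: US

  • AWS (us-east-1)

    Purpose: Hosting + Postgres + S3
    Data they see: All app data
    Where it goes: US

  • Resend

    Purpose: Transactional email
    Data they see: Recipient email + message body
    Where it goes: US

Audit trail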

Every action, logged forever.

Read-only audit log accessible to Owners and Admins. Filterable by user, filing, action, or time. Exportable as CSV for your compliance team.

What each log entry contains

  • Who did it (user email + role)
  • When (UTC timestamp + IP)
  • What (action + filing ID)
  • Result (success / error code)
  • Diff (before/after for edits)

    2026-05-23T14:21:08Z · alice@atlasapparel.com · operator · 192.0.2.14
    → filing.submit · INV-4421 · ISF-10 · success

    2026-05-23T14:22:31Z · carlos@atlasapparel.com · operator · 198.51.100.7
    → ai.preflight.run · INV-4421 · 0 critical, 1 warning

    2026-05-23T14:24:55Z · alice@atlasapparel.com · operator · 192.0.2.14
    → filing.resubmit · INV-4421 · ISF-10 · accepted

Disclosure

Found something? Tell us.

We treat security reports with priority. Responsible disclosure earns acknowledgement; please don't publish until we've patched.

Report security issues directly to

security@mycargolens.com

PGP key on request. Typical response: within 24h on weekdays.
