Your trade data, protected at every layer
Global Tariff Rates is built with security-first principles. From encryption to audit trails, we protect your product data and classification results with enterprise-grade security.
Security posture
Comprehensive security controls across every layer of the platform.
Encryption at Rest & In Transit
All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Database-level encryption ensures your product data and classification results are protected at every layer.
- AES-256 encryption at rest
- TLS 1.3 for all data in transit
- Database-level row encryption
- Encrypted backups with key rotation
Comprehensive Audit Trails
Every action on the platform is logged with full context: who did what, when, and why. Audit trails are immutable and exportable for compliance reviews.
- Immutable audit event log
- User, action, and timestamp tracking
- Before/after state capture
- Exportable audit reports
Role-Based Access Control
Granular permissions ensure team members only see what they need. Separate roles for admins, compliance managers, operations, finance, and external collaborators.
- Admin, compliance manager, ops, finance roles
- External collaborator access (broker, consultant, expert)
- Organisation-level isolation
- Invitation-based onboarding
Infrastructure Security
Built on enterprise-grade cloud infrastructure with automatic scaling, redundancy, and disaster recovery. Your data is always available and protected.
- Hosted on SOC 2 compliant infrastructure
- Automatic failover and redundancy
- Daily encrypted backups
- 99.9% uptime SLA (Enterprise)
Data Residency
Choose where your data lives. We offer data residency options for EU, UK, and US regions to meet your regulatory requirements.
- EU data residency (Frankfurt)
- UK data residency (London)
- US data residency (Virginia)
- Custom residency for Enterprise
Authentication & Identity
Secure authentication with support for SSO/SAML, multi-factor authentication, and session management. Enterprise plans include custom identity provider integration.
- Email + password authentication
- SSO / SAML integration (Enterprise)
- Session management and expiry
- API key management with scoping
SOC 2 readiness roadmap
We're on a clear path to SOC 2 Type II certification. Here's where we are.
Security Foundations
- Encryption at rest and in transit
- Role-based access control
- Audit logging
- Secure authentication
- Vulnerability scanning
SOC 2 Type I
- Formal security policies
- Vendor risk assessments
- Incident response procedures
- Employee security training
- Penetration testing
SOC 2 Type II
- Continuous monitoring controls
- Third-party audit engagement
- Compliance automation
- Annual review cycle
- Customer security portal
Enterprise security features
Additional security capabilities for organisations with advanced requirements.
SSO / SAML Integration
Connect your identity provider for seamless, secure access. Support for Okta, Azure AD, Google Workspace, and custom SAML providers.
Custom Security Reviews
We work with your security team to complete vendor questionnaires, security assessments, and custom compliance requirements.
Custom SLA
Enterprise plans include custom SLAs for uptime, response times, and data processing guarantees tailored to your requirements.
Dedicated Security Contact
Enterprise customers get a dedicated security contact for incident communication, vulnerability disclosure, and security questions.
Questions about security?
Our team is happy to discuss security requirements, complete vendor questionnaires, and arrange custom security reviews.