MyCustomsInfo® - Customs Compliance Platform
MyCustomsInfo®
Security & Compliance

Enterprise-Grade SecurityYou Can Trust

Your customs data is sensitive business information. We've implemented comprehensive security measures and maintain strict compliance with international data protection standards.

Comprehensive Security Measures

Multiple layers of protection for your data and operations

End-to-End Encryption

All data is encrypted in transit and at rest using AES-256 encryption standards

GDPR Compliant

Full compliance with European data protection regulations and privacy rights

Multi-Factor Authentication

Advanced authentication systems protect against unauthorized access

Role-Based Access Control

Granular permissions ensure users only access data they need

Complete Audit Trails

Comprehensive logging of all system activities and data access

Secure Infrastructure

Enterprise-grade infrastructure with multi-region data centers and 24/7 monitoring

Configurable Hosting Region

Client data is hosted on AWS infrastructure across UK, EU, and USA regions. Hosting region is configurable per client and is selected at onboarding — supporting data residency requirements across regulated industries and jurisdictions. Your data stays in the region you specify.

Industry Compliance Standards

Independently verified certifications and compliance frameworks

ISO 27001:2022

Information security management system certification in progress — target Q4 2026

In Progress

GDPR

European General Data Protection Regulation

Compliant

Your Data Never Touches Anyone Else's

Every client on MyCustomsInfo runs in a completely isolated environment. This is an architectural fact — not a configuration option, not a contractual promise.

Individual Instance Per Client

Every client is provisioned as a completely separate infrastructure instance from day one: dedicated AWS S3 prefix, dedicated PostgreSQL schema with Row Level Security, dedicated document storage namespace, dedicated analytics data catalog.

Zero Blast Radius

A security incident affecting one client cannot expose any other client's data through any failure mode. Your data and another client's data have never been in the same environment.

Your Own Encryption Key

Every client's data is encrypted with a dedicated AWS Customer Managed Key. Only your instance can decrypt your data. Not shared. Not rotated across clients.

Configurable Hosting Region

Hosted in the AWS region you specify at onboarding — UK (eu-west-2), EU (eu-west-1/eu-central-1), US (us-east-1/us-east-2), or APAC. Your data stays in your jurisdiction.

How this differs from standard SaaS security: Most cloud platforms protect client data through access controls within a shared environment. MyCustomsInfo separates each client's data at the storage layer. There is no shared environment to breach.

Secure Infrastructure & Operations

Our platform is built on enterprise-grade infrastructure with multiple layers of protection and 24/7 monitoring.

Secure Data Centers

Multi-region data centers with physical security and redundancy

24/7 Monitoring

Continuous security monitoring and threat detection systems

Security Audits

Annual external penetration testing by CREST-certified providers scheduled — OWASP Testing Guide v4.2 methodology

Your Data Protection Rights

We take data protection seriously and provide you with full control over your information according to global privacy regulations.

Data Ownership: You retain full ownership of all your data
Data Portability: Export your data anytime in standard formats
Right to Deletion: Request deletion of your personal data
Transparent Processing: Clear information about how we use your data
Certified Data Destruction on Exit: AWS Certificate of Destruction issued to all departing clients

Security Guarantees

Uptime SLA99.9%
Data Recovery Time< 4 hours
Backup FrequencyReal-time
Data Retention7 years

Certified Proof of Data Destruction When You Leave

When a client offboards from MyCustomsInfo, every layer of their data is permanently and irreversibly deleted — and we prove it in writing.

1

Offboarding Initiated

You give notice. Our structured offboarding process begins. No residual data is created from this point.

2

Complete Data Removal

Every layer deleted: S3 storage, database, document store, analytics catalog, and all backup copies.

3

AWS Certificate Issued

Amazon Web Services issues a formal Certificate of Destruction confirming complete, irreversible deletion from AWS infrastructure.

AWS Certificate of Destruction — Issued as Standard

Every departing client receives a formal Amazon Web Services Certificate of Destruction. This is a documented, auditable, contractually-backed confirmation that your customs data no longer exists anywhere in our infrastructure. It satisfies UK GDPR Article 17 (Right to Erasure), ISO 27001 Annex A data disposal requirements, and enterprise procurement data governance obligations.

Ask your current provider: "Can you give us a certified proof of complete data destruction when we leave?" No other customs compliance platform in this market publishes an offboarding and certificate of destruction process.

Security Questions?

Our security team is available to address any concerns about data protection

[email protected]General Contact

US Regulatory Notice. MyCustomsInfo® is an independent compliance auditor. It does not conduct customs business as defined under 19 U.S.C. §1641. The specific tariff classification to be applied to any entry of merchandise is to be determined by a licensed Customhouse broker. MyCustomsInfo® output does not constitute entry preparation, classification advice, or customs broker services. Preparation and filing of Post-Entry Amendments, Post-Summary Corrections, protests, and drawback claims must be performed by a licensed customs broker. US broker records are held in US AWS regions in compliance with 19 C.F.R. §111.23. Primary authority: CBP HQ H272798 (January 2017). Supporting authority: CBP HQ H350722 (January 2026).

Ask Piers, our AI assistant