Built for operational trust.

All data transmitted to and from FreightSurf is encrypted in transit using TLS 1.3. All data stored at rest — including carrier intelligence, account data, and extracted freight records — is encrypted using AES-256.

• TLS 1.3 for all data in transit
• AES-256 encryption at rest
• Encrypted database storage
• Encrypted backup systems

FreightSurf runs on enterprise-grade cloud infrastructure with security controls designed for high-availability operational platforms. We apply security-first architectural practices across all system components.

• Enterprise cloud hosting with isolated compute environments
• Continuous infrastructure monitoring and anomaly detection
• Automatic failover and redundancy systems
• Regular security reviews of infrastructure configuration
• Network-level isolation between customer data environments

FreightSurf enforces strict access control across all system layers. Production system access is restricted to a minimal set of authorized engineers using least-privilege principles.

• OAuth 2.0 for Gmail integration — no password storage
• Secure session token management with automatic expiration
• Least-privilege access model for all internal systems
• Role-based access controls on Team and Enterprise plans
• Database access restricted and logged per access event

FreightSurf maintains comprehensive audit logs of platform activity, including Gmail sync events, carrier verification queries, and user actions within the platform. These logs support transparency and incident response.

• Platform activity logs retained per plan tier
• FMCSA verification queries logged and auditable
• Gmail sync events logged with timestamps
• Outbound email actions recorded with user authorization timestamps
• Security event alerting for anomalous access patterns

FreightSurf uses OpenAI's API for natural language processing features. Carrier email content submitted to OpenAI for classification is governed by an enterprise API agreement that prohibits use of your data to train or improve OpenAI's models.

• OpenAI API-only usage — no shared model training
• Customer data not used to improve any third-party AI system
• Encrypted transmission to AI processing endpoints
• AI outputs are informational — not stored as ground truth
• Minimal data submission principle — only necessary context sent

Your carrier intelligence database — the operational core of your FreightSurf account — is isolated, encrypted, and accessible only to your authorized team members.

• Carrier data stored in isolated per-account namespaces
• FMCSA data sourced from official government APIs only
• No cross-account data sharing or aggregated profiling
• Carrier data exportable on request in standard formats
• Data deleted within 30 days of account termination