Security

How we protect your data and documents

Broker Lockbox handles sensitive freight documents including rate confirmations, invoices, carrier packets, and payment data. We take the security of your data seriously. This page explains our security practices.

Encryption

In transit

All data transmitted between your browser and Broker Lockbox is encrypted using TLS (HTTPS). We do not support unencrypted HTTP connections.

At rest

Files stored in your Vault are encrypted at rest. Encryption is applied at the storage layer to protect your documents from unauthorized access.

Payment data

Stripe handles all payment card data. Broker Lockbox never stores or transmits credit card numbers. Stripe is PCI DSS compliant.

Access Controls

Account-based access

Your documents and data are tied to your account. Other users cannot access your Vault files, documents, or account data.

Secure share links

When you share documents via link, those links include expiration controls. Expired links can no longer be used to access your documents.

Credential security

Passwords are hashed and never stored in plain text. We recommend using a strong, unique password for your account.

Data Practices

No data sales

We do not sell your data or documents to third parties. Ever.

No AI/ML training

Your documents and data are never used to train AI or machine learning models, by us or any subprocessor.

Document retention

Vault files are retained until you delete them or per your plan limits. You can delete individual files or your entire account at any time.

Subprocessors

We use the following trusted third-party providers as part of operating the platform:

Stripe — Payment processing (PCI DSS compliant)
Telnyx — SMS delivery for document sharing and notifications
Cloud storage provider — Encrypted Vault file storage

All subprocessors are bound by appropriate data processing terms.

Incident Response

In the event of a data breach or security incident affecting your account, we will notify affected users in accordance with applicable law.

To report a security concern or suspected incident, contact: [email protected]

Vulnerability Disclosure

If you discover a security vulnerability in Broker Lockbox, please report it responsibly. We ask that you do not disclose vulnerabilities publicly until we have had a reasonable opportunity to address them.

Contact: [email protected]

Questions

For general questions about security or data handling, reach out at: [email protected]