Trust Center
Ask a questionRequest access
Trust Center

Compliance & privacy

Our honest compliance posture, how we handle data, and the subprocessors we rely on.

Compliance approach

Cenntrax is engineered around the principles behind recognized security and quality frameworks — least-privilege access, encryption, immutable audit, and documented quality processes (deviations, CAPA, controlled documents). We do not display certifications we have not earned. Where a customer requires formal attestations or a specific framework, we are happy to walk through our current controls and roadmap directly.

  • Built for regulated cold-chain and controlled-substance logistics.
  • Tamper-evident audit and quality workflows (deviation / CAPA / document control) implemented in-product.
  • Independent third-party certification (e.g. SOC 2 / ISO 27001) is a roadmap item, not a current claim.

Data privacy & ownership

You own your data

Customer data belongs to the customer. We do not sell it and do not share it with third parties except the subprocessors needed to run the service, or where legally required.

Purpose-limited collection

We collect what is needed to operate deliveries — order, address, proof-of-delivery, location, and temperature data — and nothing beyond that purpose.

Tenant isolation

Each customer's records are isolated at the database level, so data is never co-mingled across organizations.

Retention & deletion

Records are retained for the periods required for logistics and compliance, and can be removed on request subject to legal hold.

Subprocessors

Amazon Web Services (AWS)Cloud hosting, managed databases, and backups
Google Firebase Cloud MessagingPush notifications to the driver app
Samsara / Fleet CompleteVehicle telematics & temperature sensor data (where enabled)
OpenAIOptional AI assistance features (no training on customer data)