Security & Compliance

ExportGateway is operated by Stilo d.o.o.. Security, data protection, and regulatory transparency are foundational to a platform handling customs and trade data.

Stilo d.o.o.

Tesovnikova ulica 76A, 1000 Ljubljana, Slovenia

MŠ: 8712913000 · VAT: SI8712913000

Contact: info@exportgateway.eu

Encrypted data storage

Trade and platform data stored with encryption appropriate to the hosting environment.

Encrypted connections

HTTPS used for all web and API traffic between clients and ExportGateway services.

GDPR-aligned processing

Data processing aligned with GDPR. Data subject rights supported. EU-focused data handling.

Access controls

Role-based access design for team accounts (planned). Authentication and session management at launch.

Audit logging

Classification runs logged with engine type, confidence, disambiguation, and evidence metadata.

Infrastructure

Cloud infrastructure with redundant backups, health monitoring, and startup diagnostics.

Transparent outputs

All compliance and freight estimates labelled indicative with source attribution and disclaimer requirements.

Document Processing Security

Export Auditor — invoice upload, OCR, and compliance analysis

  • No permanent document storage

    ExportGateway does not permanently store uploaded source documents. Processing occurs in memory for the duration of the audit session.

  • Temporary OCR processing

    Documents are processed temporarily for OCR extraction and structured export compliance analysis. Only extracted results are displayed in the dashboard.

  • EU-focused infrastructure

    OCR is performed via Mistral AI, which serves its API from EU data centers by default. ExportGateway is operated from Slovenia within the European Union.

  • GDPR-aligned processing

    Document processing follows GDPR-aligned practices. Users must confirm they are authorized to process uploaded document contents.

  • Commercial AI providers with no training on customer documents

    OCR uses Mistral AI under commercial API terms. Customer documents are not used for model training. Mistral may retain request data for up to 30 days for abuse prevention unless Zero Data Retention is enabled. See our Privacy Policy for sub-processor details.

Customs & Trade Compliance

ExportGateway implements P0 compliance transparency requirements: global disclaimer banners, confidence display on classifications, source labelling on all estimates, and legal notices in PDF reports. Platform outputs are indicative and must be verified before customs or commercial use.

Read Customs & Trade Disclaimer →

Security inquiries

For security reviews, compliance documentation, or data processing agreements:

info@exportgateway.eu