Trust and Security

Rest easy when it comes to trust and security. We have you covered.

Your security matters to us

We are committed to helping organizations protect their critical information assets and comply with legal and regulatory requirements by continuously providing independent assurance of our security practices through third-party certifications and audits. See below for access to all publicly available report summaries and compliance certifications.

IT Controls
Security Testing
ISO 27001:2013 Certification
Security and privacy contacts

IT Controls (ISAE3402/SOC)

Basware services provide IT General and Application controls which are assessed in frequent ISAE 3402/SOC audits conducted by independent 3rd party.

Publicly available 2023 report summaries

Publicly available 2022 report summaries

Publicly available 2021 report summaries

Publicly available 2020 report summaries

Publicly available 2019 report summaries

Basware Personal Data Processing Appendix

Basware Personal Data Processing Appendix [released 28 October 2021] - Appendix applicable to processing of personal data through Basware services made available via a network, including Basware Security Measures annex.

Security Testing

Security Testing by Basware

Baswarecarries out vulnerability scanning using several security tools for testing services externally and internally
Baswareservices are also tested by an external security company. General level statement of external security testing is available for customers on request.

Security Testing by the Customers

Depending on agreed Service Level, Customers are welcome to engage security testing of Basware Services following agreed processes and practices. For further details please contact your Customer Support Manager