Trust and Security

Rest easy when it comes to trust and security. We have you covered.


We are committed to helping organizations protect their critical information assets and comply with legal and regulatory requirements by continuously providing independent assurance of our security practices through third-party certifications and audits. See below for access to all publicly available report summaries and compliance certifications.


Basware services provide IT General and Application controls which are assessed in frequent ISAE 3402/SOC audits conducted by independent 3rd party.

Basware Personal Data Processing Appendix

Basware Personal Data Processing Appendix [released 28 October 2021] - Appendix applicable to processing of personal data through Basware services made available via a network, including Basware Security Measures annex.

Security Testing

Security Testing by Basware

  • Basware carries out vulnerability scanning using several security tools for testing services externally and internally
  • Basware services are also tested by an external security company. General level statement of external security testing is available for customers on request.

Security Testing by the Customers

  • Depending on agreed Service Level, Customers are welcome to engage security testing of Basware Services following agreed processes and practices. For further details please contact your Customer Support Manager
Security Testing
ISO 27001:2013 Certification

ISO 27001:2013 Certification

Our ISO 27001:2013 certification demonstrates our commitment to security, which is verified through independent certifications audits. 

Security and privacy contacts

Security Incidents

Create a case in the Customer Support Portal, or contact the Basware Security team directly at: [email protected].


For specific requests, questions and concerns email [email protected]. Alternatively, visit our GDPR commitment.

Responsible Disclosure for Security Vulnerabilities

Report a Security Issue

Ethical or Code of Conduct Issues or Concerns

[email protected]