( 01 ) — Trust & Security

    Multi-party data, governed by design.

    ContainerGrid coordinates OEMs, contractors, recyclers, and offtakers in one workflow. That only works if every party trusts what the others can see. Neutrality isn't just our market position — it's our data architecture.

    This page is maintained by ContainerGrid GmbH to answer common security and privacy questions about the ContainerGrid platform. It describes app-owner practices and enabled controls — it is not an independent certification.
    ( 02 ) — Principles

    Three commitments every participant gets.

    Neutrality

    We don't trade against you

    ContainerGrid is an infrastructure layer, not a market participant. We never buy, sell, or broker material — so your commercial data is never our trading advantage.

    Permissioned Visibility

    Each party sees only its role

    Role-based access across the chain: program owners see program state, operators see their orders, offtakers see allocated lots. No party sees another's economics.

    Data Ownership

    Program data belongs to the program owner

    Operator profile data belongs to the operator. Exports are always available. Leaving the platform means taking your data with you.

    ( 03 ) — Who Sees What

    The permission model, plainly.

    Program rules & stateOrder execution detailOperator pricingLot provenanceNetwork profiles
    Program owner (OEM)✓ full✓ their programs— (aggregated only)✓ matched operators
    Operator / recycler— (their obligations only)✓ their orders✓ their own✓ their handoffs✓ own profile
    Offtaker / refiner✓ allocated lots
    ContainerGrid✓ operate & audit✓ operate & audit— no trading use, ever
    ( 04 ) — Security & Compliance Posture

    Enterprise questions, answered up front.

    Final specifications (hosting regions, auth provider, backup RPO/RTO, encryption detail) are being documented for publication — available today under NDA as part of any security review.

    Detailed technical specifications are shared in the security review pack — full public documentation is in preparation.
    Where is our data hosted?
    EU-hosted infrastructure with EU data residency for European programs. Exact regions and provider details are shared in the security review pack.
    Is ContainerGrid GDPR-compliant?
    Yes — we operate under GDPR as processor for program data and controller for account data. DPA available on request. Operator application data is visible only to program owners you are matched with.
    How is data encrypted?
    Encryption in transit and at rest as standard. Cipher and key-management specifics are documented in the security review pack.
    How do you handle multi-tenant isolation?
    Tenant isolation is enforced at the data layer with role-based access on top; the isolation model is documented for enterprise reviews.
    Do you support Catena-X / data-space integration?
    Yes — ContainerGrid participates in the Catena-X ecosystem, including shared EDC connector patterns for dismantler networks, so smaller operators can participate in data spaces without running their own connector.
    Can we run a security assessment?
    Yes — enterprise pilots include a security review step. Request the review pack via the button above; we support questionnaires (SIG, CAIQ) and direct sessions with our engineering lead.

    Diligence welcome.

    Request the security review pack — or put your questionnaire straight in front of our engineering team.

    Cookie Settings

    We use cookies to enhance your browsing experience, analyze site traffic, and personalize content. You can choose which cookies you want to allow.