Security

Broker mailboxes are sensitive. LaycanMatch is designed around that reality.

Control what is connected, what is imported, what is stored and who can access extracted offer data.

Short answer

LaycanMatch handles mailbox data as sensitive operational data.

LaycanMatch handles broker mailbox data through authorized access, scoped imports, encrypted secrets, visible source email review, explicit processing statuses and optional dedicated or on-premises deployment.

Security model

Practical controls for email-driven chartering data.

The system is built to process broker emails with clear user authorization, encrypted secrets, scoped imports, source review and explicit processing statuses.

Authorized access

Users connect mailboxes through Google authorization or IMAP credentials and can disable accounts when processing should stop.

Encrypted secrets

Mailbox passwords, OAuth tokens and AI API keys are stored encrypted and masked in the interface.

Scoped import

Users can choose mailbox folders and date ranges before importing instead of processing everything by default.

No automatic replies

LaycanMatch does not automatically answer brokers, negotiate terms or execute deals.

Boundary conditions

What LaycanMatch does not do.

LaycanMatch is built to help brokers review and act faster, not to replace commercial judgment or take control of broker communication.

No automatic broker repliesIt does not send broker replies automatically.
No commercial negotiationIt does not negotiate freight, commission or charter terms.
No deal executionIt does not execute deals.
No hidden mailbox accessIt does not process folders that the user did not authorize.
No silent failuresIt does not hide failed, duplicate or low-confidence processing statuses.

Data handling

What the system stores and why.

Email metadataSubject, sender, received date, folder, message identifiers and processing status support dedupe, audit and retry flows.
Source contentOriginal email body and extracted offer fragment can be stored so users can verify where each cargo or vessel field came from.
Structured offersCargo, vessel, port, laycan, broker and confidence fields power filters, matching, exports, map view and Telegram alerts.
Operational logsIMAP errors, LLM errors, duplicate decisions and retry states are visible instead of failing silently.

Example review path

Example: a broker can open a structured offer, inspect the source email fragment, verify the laycan wording, then decide whether the record is commercially usable. Security here is not only encryption; it is also visible evidence.

Who this is not for

If the desk cannot allow any hosted or dedicated external processing under any circumstance, this category may require a stricter internal deployment model or no adoption at all.

Proof point

The system keeps duplicate, failed and low-confidence states visible instead of hiding them, which matters during internal security and process review.

Deployment choices

Shared SaaS for speed, dedicated deployment for stricter requirements.

Some brokers can start with the hosted workspace. Teams with stricter mailbox confidentiality, procurement or data sovereignty rules can request dedicated infrastructure.

Hosted workspace

Fastest way to test. Suitable for controlled trial imports, demo workflows and smaller teams.

Dedicated server

Separate infrastructure for stronger isolation and clearer operational boundaries.

On-premises

Runs on client infrastructure for teams that require maximum control over mailbox data and LLM accounts.

Security review

Use the contact form to ask about retention, deletion, OAuth scopes, encryption and access controls.

Retention table

What data is stored, why it exists and what the desk should review.

Security pages need procurement-ready detail, not just claims about encryption.

Data typeStoredWhyReview point
Mailbox credentials / OAuth tokensYes, encryptedTo maintain authorized mailbox accessRevoke or disconnect when no longer needed
Email metadataYesDedupe, audit and processing statusRetention policy should be reviewed
Email body / fragmentYes, when availableSource review and evidenceAssess confidentiality rules before import
Structured cargo / vessel offersYesSearch, matching, export and alertsRetention and delete/export policy
Operational logsYesError visibility and retry workflowUseful for audit and support

FAQ

Security questions procurement and brokers usually ask.

This should answer the questions that appear before a mailbox is connected, not after.

Does LaycanMatch need full mailbox access?

The desk authorizes the mailbox and controls folder scope. The workflow is designed around explicit access, not hidden background crawling.

Can I choose which folders are processed?

Yes. Folder and date-range choice is part of controlled import.

Does LaycanMatch use my mailbox to send replies?

No. The system does not send automatic broker replies or negotiate on behalf of the desk.

Who is this not for?

Teams that cannot allow any hosted or dedicated external processing at all may need a stricter internal deployment model or may decide not to use an AI parser category at all.

Further reading

Security claims should connect to product behavior.

These pages show how mailbox scope, extraction review and operational limits work in the live workflow.

Methodology

Explains confidence scoring, visible source review and processing states.

AI email parser

Shows the actual parsing workflow behind the security model.

About LaycanMatch

See the company, operator context and why the product scope is intentionally narrow.

Product updates

Track changes to the product surface that matter for operational review.

Next step

Have a security concern before connecting mail?

Send the question before trial setup. For many brokers, confidence in mailbox handling is the buying decision.