Skip to main content

Security & Compliance

Security architecture,
built for the AP Intelligence Platform.

FlexTrap is an intelligence layer that sits on top of your ERPs and continuously analyses AP data. Your ERP remains the system of record. For details on specific certifications, attestations, and security artifacts, request our security documentation pack below.

EU-U.S. Data Privacy Framework

Certified by FlexTecs

Includes the UK Extension to the EU-U.S. DPF. FTC oversight, PrivacyTrust dispute resolution.

Architecture

How FlexTrap fits into your stack

FlexTrap is a continuous-analysis layer that sits on top of your ERPs. The architecture is designed around three principles: read-only access to source systems, tenant isolation for AI workloads, and minimisation of the data we ingest.

Read-only ERP integration

FlexTrap is an analytical layer that sits on top of your ERPs. The platform reads transaction, vendor, and payment data to surface insight — your ERP remains the system of record for every write.

Tenant-isolated AI

Analytical models operate within your tenant boundary. Your data is not used to train shared or third-party foundation models.

Data minimization by design

We ingest only the AP and payment data required to power error detection, statement reconciliation, and inbox triage workflows.

Privacy framework

EU-U.S. Data Privacy Framework

FlexTecs complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. FlexTecs has certified to the U.S. Department of Commerce that it adheres to the DPF Principles for personal data received from the European Union and the United Kingdom.

Data Privacy Framework siteFile a DPF complaint via PrivacyTrustPrivacy Policy

Data handling

Your ERP stays your system of record

FlexTrap is the analytical layer on top of your ERP. Data handling is built on minimisation: read-only access, no writes back to source records, and only the data required to power the workflows you've licensed.

Data Protection Principles

  • Read-only ERP access — FlexTrap analyses source data and surfaces insight; it does not modify vendor master or payment records
  • Data minimization by design — we ingest only the AP and payment data required to power our workflows
  • Retention and deletion practices aligned with your contractual data governance requirements
  • Industry-standard administrative, technical, and physical safeguards applied to all data we process

For procurement & InfoSec

Request the security documentation pack

Our security team responds to vendor reviews under NDA. To request our current certifications, attestations, architecture overview, or to complete a security questionnaire, contact us below.

Send security questionnaires, NDA requests, and architecture-review enquiries to:

security@flextecs.com

Talk to our team.

Book a working session to walk through the architecture, review your security questionnaire, and request our current security documentation under NDA.

$1B+

Errors Recovered & Prevented

$1T+

Transactions Reviewed

600+

FlexTecs Employees

Book a Security BriefingCalculate Your Exposure