Skip to main content

Permissions and security

Overview of how LoadOps secures your data, how email access works, and how Nylas and SOC 2–compliant infrastructure help keep your data protected.

Updated this week

Our security approach

LoadOps is built for dispatchers and carriers who work with sensitive operational and financial data every day. We follow industry-standard security practices and controls to keep that data protected.

At a high level, we focus on:

  • Strong access controls and authentication.

  • Secure connections between LoadOps and your tools.

  • Clear limits on what data we use and why.

How LoadOps connects to your email

When you connect Gmail or Outlook, LoadOps uses the provider’s standard OAuth flow:

  • You log in on Google or Microsoft, not inside LoadOps.

  • Google/Microsoft ask you to approve the requested permissions.

  • If you agree, they issue secure tokens that allow LoadOps (through Nylas) to send and read emails in the scopes you approved — without sharing your password.

We never see or store your email password.

What data we access (and why)

To power features like 1-Click Emails, AI Emails, follow-ups, and Booking history, LoadOps needs limited access to your email:

  • Send emails to brokers from your connected account.

  • Read emails related to loads and brokers so we can:

    • Show sent emails in the panel.

    • Match replies to loads.

    • Build your recent booking history.

We do not use your email data for advertising, resell it, or share it with unrelated third parties.

Nylas: our secure email provider

LoadOps uses Nylas as the infrastructure layer for email and calendar connectivity. Nylas is a specialized platform for connecting to providers like Google and Microsoft, and it is certified against multiple security and privacy frameworks, including SOC 2 Type II and ISO 27001.

By building on Nylas, LoadOps inherits:

  • Secure OAuth-based authentication flows.

  • Strong access controls and auditing around user data and credentials.

  • Compliance with major standards such as SOC 2 Type II and ISO 27001.

This lets us focus on product features for dispatchers while relying on proven infrastructure for email security.

SOC 2 and compliance

Nylas is independently audited against SOC 2 Type II, ISO 27001, and other frameworks, with no findings in recent audits.

LoadOps builds on top of this infrastructure and aligns internal processes with SOC 2 controls and industry best practices for handling sensitive data, especially around:

  • Access control and least-privilege access.

  • Monitoring and logging of system activity.

  • Secure development and change management.

If you or your compliance team need more detail on Nylas security and certifications, we can provide links to the Nylas Trust Center and relevant documentation under NDA.

Encryption and data protection

  • All traffic between LoadOps, Nylas, and email providers is protected with TLS encryption in transit.

  • User data stored by Nylas is encrypted and protected with strict access controls.

  • Access tokens are stored securely and can be revoked at any time.

If you disconnect, previously sent emails stay in your normal Sent folder, but LoadOps features that depend on live email access will stop working.

We also follow security best practices for managing secrets (API keys, tokens) in our own infrastructure, based on guidance from Nylas and major cloud providers.

If you have security questions

If you have any questions about security, data protection, or compliance:

  • Contact us at info@loadops.ai.

  • Or reach out through the LoadOps support widget.

We will be happy to coordinate with your IT or compliance team.

Did this answer your question?