X-Tron ensures via a robust IT infrastructure and client-based data rights that your data is treated confidentially. As a result, data exchange on X-Tron is more secure than via traditional means of communication.

Data protection


Your data are kept strictly confidential and only you determine who may receive this data with each request.

In order to ensure that sensitive information on your export business is secure and does not reach third parties, every bank employee has to accept our terms and conditions as well as our privacy policy before being able to access your offer.


When making a request via X-Tron, you have full control over which banks and bank employees this information is sent to.

You own all data that you provide on X-Tron.


Most companies communicate with banks via unsecure channels, including unencrypted e-mails and telephone calls.

On X-Tron, on the other hand, you sign in to the marketplace hosted on servers in Germany, which is where the data pertaining to your offer is stored. The bank can then retrieve offer data from there. This means that all communication between you and the banks is facilitated via secure servers rather than e-mail.

However, this does not mean that you cannot call or send an e-mail to the responsible bank employee to discuss an offer. When a bank sends you an offer, you will receive all relevant contact details as well.

Data security


The basis for the secure treatment of your data, next to the utilized technology, is our close collaboration with a medium-sized German technology partner.

It has developed complex platforms in the past and works with large German banks, among others.


All data are processed and saved in a data centre in Germany.

CISPE data processing ensures that data is secured according to DSGVO.

The infrastructure was developed using the highest available security standards. It is maintained and kept up to date through consistent component and security audits.

Through the observance of ISO 27001, comprehensive security controls are guaranteed. The infrastructure has been audited by external assessors and is certified for ISO 27001, 27017 and 27018.


The infrastructure is monitored around the clock for uptime, performance and security.

An advanced monitoring and alerting system ensures a fast reaction through the use of various communication channels and escalation levels. All incidents are recorded and logged in detail. The vulnerability monitoring ensures that should any security gaps arise, they can reliably be dealt with.


All uploaded documents are automatically scanned by Antivirus software that prevents any malware from being uploaded.