Security and privacy
Your data, well protected.
You work with client data, contracts, and your team's records. We store them encrypted and well isolated. You stay in control, and your data stays yours.
A data processing agreement is available on request.
At a glance
- Hosted in the EU (Frankfurt)
- HTTPS everywhere, with HSTS and a strict CSP
- Encrypted in transit and at rest
- Roles and permissions, separated per organization
- Export and delete whenever you want
EU
hosted in Frankfurt, processed within the EU
AES-256
encryption of sensitive data
0
card numbers stored
GDPR
export and delete on request
How we protect your data
Security sits in every layer, from where your data lives to who can reach it. Here's what we do in practice.
EU hosting
Your data lives at Neon in the EU (Frankfurt) and is processed within the EU.
Encrypted traffic
HTTPS everywhere, with HSTS and a strict Content-Security-Policy. Encrypted in transit and at rest.
Encrypted secrets
We store mailbox and integration credentials encrypted with AES-256.
Access and sign-in
Sign-in through Auth.js with bcrypt, email verification, rate limiting, and SSO with Google or Apple.
Roles and isolation
Permissions per role, and every organization is strictly separated from the rest in the database.
Payments through a PSP
Card data runs entirely through Mollie and Stripe. We never see or store card numbers.
AI with boundaries
AI features run on the Anthropic Claude API. Your data is not used to train models.
Your data rights
Export your data as JSON, and delete or anonymize accounts whenever you want.
Monitoring and recovery
An audit log of sensitive actions, error monitoring without personal data, and database backups with point-in-time recovery.
Talk to us about security.
Questions about how we handle your data? Book a demo or email privacy@eventsprint.io.