Data Security

Reservio meets even the most demanding security requirements. We adhere to the latest standards to ensure your data is protected.
ISO logo
ISO logo

ISO 27001:2013

We follow recommended international information security practices and hold an accredited certification.
GDPR logo
GDPR logo

GDPR

We protect sensitive data according to the strict rules of GDPR and European legislation. Find out more in our Privacy Policy.
LGPD logo
LGPD logo

LGPD

We apply measures under the strict Brazilian law for the processing and handling of personal information.
Privacy Shield logo
Privacy Shield logo

Privacy Shield

The Exchange of personal data between the EU, Switzerland, and the US is subject to the Privacy Shield framework.
SSL logo
SSL logo

SSL certificate

All data entered into Reservio is transferred encrypted using an internationally recognized SSL certificate.

Scheduling software security

Password and Credential Storage

We use advanced hashing techniques to keep your password secure when you log in repeatedly. It is recorded as an imprint using bcrypt, which prevents possible theft.

Permissions

Access to the software is limited to the account owner and the users specified in the settings. They must confirm the email invitation, which is used as address verification. The account administrator determines the scope of access and may restrict the availability of certain features.

Online Payments

All online payments for our plans and premium services are managed by our partner company 2Checkout. It adheres to the strictest international standards and is PCI DSS Level 1 certified (The Payment Card Industry Data Security Standard), which is currently the highest standard for online payment security. Find out more directly on the 2Checkout website.

Uptime

Reservio has a web and app uptime of 99.9% or higher. You can view our statistics for the past months.

Network and data storage

Regional Data Hosting and Storage

The data is securely stored in several data centres across Europe. We use DigitalOcean, Amazon Web Services, and Google Cloud in Frankfurt, as well as Nethost in Prague and Brno.

Backups

Data is backed up daily, so we can restore any data from any point in time. Backed up data is stored in a different location than our standard data centers to eliminate risks such as failure of one of the storage types.

Failover and Data Recovery

In the case that problems arise with our standard data centers, they are immediately substituted by backup databases in Prague, Brno, and Frankfurt. From there, any potentially lost data can be recovered.

Monitoring

All user operations are stored in ELK (Elasticsearch, Logstash, and Kibana), where we look for errors or anomalies. The data is then transferred to Amazon S3 storage for a retrospective or more detailed analysis of the problem.

Vulnerability Scanning

We prevent problems by identifying any vulnerable areas of the system. We use automated tools like Clair and Dependabot that not only identify risk areas but also proactively search for security updates.

Encryption

All data sent to or from the Reservio is transferred encrypted using 256-bit encryption. Our endpoints are secured with TLS/SSL (Transport Layer Security protocol and its predecessor Secure Sockets Layer). They have an "A+" rating in Qualys SSL Labs tests, which means we use only strong encryption suited for maximum security.

Customizable features

Data Retention

In order to comply with local privacy policies, you may choose how long you want to keep your clients' personal data. You can choose either the recommended timeframes or meet the unique needs of your business with custom settings.

Consent to receive Marketing Messages

To send your clients special offers, news, and other promotional messages about your services, you need permission from them. Reservio allows you to manage whether a confirmation prompt pops up when people book.

Terms and Conditions

If you have your own Terms and Conditions for your clientele, you can add it in the Business settings. The document will be available for your clients to read and agree when they book your services.

Privacy Policy

You can include your Privacy Policy in the booking process. Simply add it in your Business settings and it will be displayed for clients to consent before confirming the online booking.

Incident management and Troubleshooting

System Failure

In the case of unexpected downtime, Reservio uses a proven set of procedures. They lead to the immediate resolution of any problem in 24/7/365 mode. With daily backups, all data is recoverable.

Login Problems

In case of a forgotten password, a user is prompted to enter the email address they used to sign up. They will receive a message with a link to reset their password. Further information is not required from them.

Problems in the App

If a user comes across any problem, they can use our step-by-step guides. The user can also use the advice of our specialists and contact the Reservio Customer Care.

Legal documents

All further information can be found in the following documents: