Data Security
Reservio meets even the most demanding security requirements. We adhere to the latest standards to ensure your data is protected.
ISO 27001:2013
We follow recommended international information security practices and hold an accredited certification.
GDPR
We protect sensitive data according to the strict rules of GDPR and European legislation. Find out more in our Privacy Policy.
LGPD
We apply measures under the strict Brazilian law for the processing and handling of personal information.
Privacy Shield
The Exchange of personal data between the EU, Switzerland, and the US is subject to the Privacy Shield framework.
SSL certificate
All data entered into Reservio is transferred encrypted using an internationally recognized SSL certificate.
Scheduling software security
Password and Credential Storage
We use advanced hashing techniques to keep your password secure when you log in repeatedly. It is recorded as an imprint using bcrypt, which prevents possible theft.
Permissions
Access to the software is limited to the account owner and the users specified in the settings. They must confirm the email invitation, which is used as address verification. The account administrator determines the scope of access and may restrict the availability of certain features.
Online Payments
All online payments for our plans and premium services are managed by our partner company 2Checkout. It adheres to the strictest international standards and is PCI DSS Level 1 certified (The Payment Card Industry Data Security Standard), which is currently the highest standard for online payment security. Find out more directly on the 2Checkout website.
Uptime
Reservio has a web and app uptime of 99.9% or higher. You can view our statistics for the past months.
Network and data storage
Regional Data Hosting and Storage
The data is securely stored in several data centres across Europe. We use DigitalOcean, Amazon Web Services, and Google Cloud in Frankfurt, as well as Nethost in Prague and Brno.
Backups
Data is backed up daily, so we can restore any data from any point in time. Backed up data is stored in a different location than our standard data centers to eliminate risks such as failure of one of the storage types.
Failover and Data Recovery
In the case that problems arise with our standard data centers, they are immediately substituted by backup databases in Prague, Brno, and Frankfurt. From there, any potentially lost data can be recovered.
Monitoring
All user operations are stored in ELK (Elasticsearch, Logstash, and Kibana), where we look for errors or anomalies. The data is then transferred to Amazon S3 storage for a retrospective or more detailed analysis of the problem.
Vulnerability Scanning
We prevent problems by identifying any vulnerable areas of the system. We use automated tools like Clair and Dependabot that not only identify risk areas but also proactively search for security updates.
Encryption
All data sent to or from the Reservio is transferred encrypted using 256-bit encryption. Our endpoints are secured with TLS/SSL (Transport Layer Security protocol and its predecessor Secure Sockets Layer). They have an "A+" rating in Qualys SSL Labs tests, which means we use only strong encryption suited for maximum security.
Customizable features
Data Retention
In order to comply with local privacy policies, you may choose how long you want to keep your clients' personal data. You can choose either the recommended timeframes or meet the unique needs of your business with custom settings.
Consent to receive Marketing Messages
To send your clients special offers, news, and other promotional messages about your services, you need permission from them. Reservio allows you to manage whether a confirmation prompt pops up when people book.
Terms and Conditions
If you have your own Terms and Conditions for your clientele, you can add it in the Business settings. The document will be available for your clients to read and agree when they book your services.
Privacy Policy
You can include your Privacy Policy in the booking process. Simply add it in your Business settings and it will be displayed for clients to consent before confirming the online booking.
Incident management and Troubleshooting
System Failure
In the case of unexpected downtime, Reservio uses a proven set of procedures. They lead to the immediate resolution of any problem in 24/7/365 mode. With daily backups, all data is recoverable.
Login Problems
In case of a forgotten password, a user is prompted to enter the email address they used to sign up. They will receive a message with a link to reset their password. Further information is not required from them.
Problems in the App
If a user comes across any problem, they can use our step-by-step guides. The user can also use the advice of our specialists and contact the Reservio Customer Care.