Privacy & security

Security & data protection

Your guests’ data belongs to you — and stays in Europe. The first part of this page explains plainly how ticketYoo protects it; the second part gives IT and data protection officers the hard details.

Jump to IT details Privacy policy

Trust that rests on technology

At ticketYoo, data protection isn’t an add-on — it’s built in.

🇩🇪Hosted in Germany
🏅ISO 27001
📋GDPR-compliant
🔒AES-256 & TLS

Data stays in the EU

Storage and processing exclusively in Germany — no default transfer to third countries.

Strong encryption

Sensitive data and file uploads — including guest photos — are encrypted with AES-256-GCM; transport via TLS.

Sign the DPA online

Conclude the Art. 28 GDPR data processing agreement directly in ticketYoo — no paperwork.

2FA & access control

Two-factor login (TOTP), role-based permissions and strict tenant isolation between teams.

Mutual consent

Networking requires mutual consent, granular field sharing and per-scan revocation — privacy by design.

Delete & anonymize

Rule-based retention: past guest and contact data is automatically anonymized or deleted.

For IT & data protection officers

The details you need

So your assessment is quick — open and without marketing fog.

1. Hosting & infrastructure

  • Data center in Germany; application and database (PostgreSQL) are operated exclusively in the EU.
  • End-to-end transport encryption via TLS/HTTPS; cookie only technically necessary and with the secure flag.
  • Daily, encrypted backups; recovery process documented.
  • ISO 27001-certified information security management.

2. Encryption

  • File uploads and sensitive fields (incl. guest photos, signatures) encrypted with AES-256-GCM.
  • Key derivation via PBKDF2; secrets (e.g. SMTP passwords, API keys) stored encrypted, never returned in plain text.
  • Upload hardening: extension whitelist + magic-byte check; executable/HTML files are blocked (protection against stored XSS).

3. Access & authentication

  • Two-factor authentication (TOTP) for operator accounts.
  • Role-based permissions, event-specific roles (check-in only, guest list or full editing).
  • Strict tenant isolation between teams; cross-tenant access blocked server-side.
  • Optional single sign-on via Microsoft Entra ID (Azure AD).

4. Data-subject rights & minimization

  • Access & export: guest data can be exported in a structured way (CSV/Excel).
  • Deletion & anonymization: team-configurable retention periods, automatic cron, exceptions by consent/tag.
  • Consent: documented per consent, with an optional legally valid signature (encrypted) at registration or check-in.
  • Networking/lead scan: mutual consent, granular field sharing, per-scan revocation.

5. Sub-processors (transparent)

The core platform works without US data transfer. Optional features involve additional services — only if you enable them:

  • Hosting/database: provider in Germany (EU).
  • Email delivery: mail-server infrastructure in the EU (DKIM/SPF); own sender per team possible.
  • Online payment (optional): Stripe — only active if you enable online payments; payment data then runs through Stripe.
  • SMS/WhatsApp (optional): via the provider you choose, only when enabled.
  • Push notifications (optional): Apple (APNs, USA) and Google (FCM, USA) — technically required to deliver to iOS/Android devices, only when push is used.

The full, current list of processors is part of the DPA.

6. Technical & organizational measures (TOM)

  • Physical/system/data access: data-center security, 2FA, role-based permissions, tenant separation.
  • Input/transfer: TLS, encrypted storage, logging of security-relevant actions.
  • Availability: daily encrypted backups, rate limiting/quota against abuse, virus scanning for uploads.
  • Resilience: regular penetration tests and targeted hardening of public endpoints.

Contact for privacy questions

Questions about data processing or privacy are answered by our external data protection officer. We provide a DPA draft, TOM overview and privacy policy on request.

info@dsb-r.de Sample DPA (PDF) Privacy policy Contact

FAQ

Common privacy questions

Where is the data stored?

Exclusively in a data center in Germany and therefore within the EU.

Do you sign an Art. 28 GDPR DPA?

Yes, online directly in ticketYoo. On request we provide the draft in advance for review.

Is data transferred to the US?

Not the core platform. Only optional services you enable (e.g. online payment via Stripe) then process their own data — listed transparently in the DPA.

How is old guest data deleted?

Via team-configurable retention periods: past guest and contact data is automatically anonymized or deleted, with exceptions by consent.

Can I get a list of sub-processors and TOM?

Yes. The sub-processor list and technical-organizational measures are part of the DPA and provided on request.

Data protection you can trust