Trust & compliance

Security at Eventira

Your attendees trust you with their data — and you trust us with it. Here’s how we keep it safe, from encryption to breach response.

EU / EEA-hosted GDPR-ready AES-256 encryption DPA available

Encryption

  • At rest: AES-256 encryption for stored data.
  • In transit: TLS 1.2+ for all connections between you, attendees, and our servers.

Access control

  • MFA-enforced access for our team, on a least-privilege basis.
  • Staff are bound by confidentiality obligations and only access data when necessary to operate the service.
  • You control your own team’s access from within the platform.

Infrastructure & hosting

Eventira is hosted in the EU/EEA on reputable cloud infrastructure. Data storage, processing, and email delivery run within the EEA (Amsterdam, Netherlands); attendee networking/matching is operated in-house.

Sub-processorPurposeLocation
DigitalOcean (cloud hosting)Infrastructure & data storageAmsterdam, Netherlands (EEA)
DigitalOceanTransactional email deliveryAmsterdam, Netherlands (EEA)
Eventira (in-house)Attendee networking & matchingIndia
Google AnalyticsWebsite analytics (consent-gated)EU/US (Consent Mode)

Testing & monitoring

We run regular security testing and monitoring, and keep our stack patched and up to date.

Breach response

We maintain a tested incident-response procedure. In the event of a confirmed personal-data breach, we notify the affected controller within 72 hours with full details.

Your data, your control

Attendees and account holders can manage and delete their own data at any time (see deleting your account). On termination, we delete or return data within 30 days, subject to documented retention.

Reviewing us for a deal? See our GDPR & DPA page (including a downloadable DPA), or email admin@eventira.com with any security questions.