Security at Eventira
Your attendees trust you with their data — and you trust us with it. Here’s how we keep it safe, from encryption to breach response.
Encryption
- At rest: AES-256 encryption for stored data.
- In transit: TLS 1.2+ for all connections between you, attendees, and our servers.
Access control
- MFA-enforced access for our team, on a least-privilege basis.
- Staff are bound by confidentiality obligations and only access data when necessary to operate the service.
- You control your own team’s access from within the platform.
Infrastructure & hosting
Eventira is hosted in the EU/EEA on reputable cloud infrastructure. Data storage, processing, and email delivery run within the EEA (Amsterdam, Netherlands); attendee networking/matching is operated in-house.
| Sub-processor | Purpose | Location |
|---|---|---|
| DigitalOcean (cloud hosting) | Infrastructure & data storage | Amsterdam, Netherlands (EEA) |
| DigitalOcean | Transactional email delivery | Amsterdam, Netherlands (EEA) |
| Eventira (in-house) | Attendee networking & matching | India |
| Google Analytics | Website analytics (consent-gated) | EU/US (Consent Mode) |
Testing & monitoring
We run regular security testing and monitoring, and keep our stack patched and up to date.
Breach response
We maintain a tested incident-response procedure. In the event of a confirmed personal-data breach, we notify the affected controller within 72 hours with full details.
Your data, your control
Attendees and account holders can manage and delete their own data at any time (see deleting your account). On termination, we delete or return data within 30 days, subject to documented retention.