Security

How we protect your data and keep the platform secure.

Infrastructure

Eventry is hosted on enterprise-grade cloud infrastructure within the EU. All data is stored in data centres that comply with ISO 27001 and SOC 2 standards. We use multi-tenant isolation to ensure strict separation between organisations.

Encryption

All data in transit is encrypted using TLS 1.2 or higher. Sensitive data at rest — including personal information and payment details — is encrypted using AES-256. Database connections use SSL certificates.

Authentication

We use industry-standard OpenID Connect for authentication, powered by Keycloak. Support for multi-factor authentication (MFA), single sign-on (SSO), and SAML integration is available on enterprise plans.

Access Control

Role-based access control (RBAC) ensures users only access the data and features relevant to their role. API access is secured through scoped API keys with configurable permissions and expiration.

Monitoring & Logging

We monitor the platform 24/7 with automated alerting. Audit logs track all sensitive operations. We use distributed tracing and structured logging for rapid incident response.

Data Protection

Eventry is fully GDPR-compliant. We implement data minimisation, purpose limitation, and provide tools for data export and erasure. Soft-delete policies ensure data can be recovered within retention periods before permanent removal.

Vulnerability Management

We perform regular security assessments and dependency scanning. Our CI/CD pipeline includes automated security checks. If you discover a security vulnerability, please report it responsibly to security@eventry.se.