Scheduling software security
Password and Credential Storage
We use advanced hashing techniques to keep your password secure when you log in repeatedly. It is recorded as an imprint using bcrypt, which prevents possible theft.
Access to the software is limited to the account owner and the users specified in the settings. They must confirm the email invitation, which is used as address verification. The account administrator determines the scope of access and may restrict the availability of certain features.
All online payments for our plans and premium services are managed by our partner company 2Checkout. It adheres to the strictest international standards and is PCI DSS Level 1 certified (The Payment Card Industry Data Security Standard), which is currently the highest standard for online payment security. Find out more directly on the 2Checkout website.
Reservio has a web and app uptime of 99.9% or higher. You can view our statistics for the past months.
Network and data storage
Regional Data Hosting and Storage
The data is securely stored in several data centres across Europe. We use DigitalOcean, Amazon Web Services, and Google Cloud in Frankfurt, as well as Nethost in Prague and Brno.
Data is backed up daily, so we can restore any data from any point in time. Backed up data is stored in a different location than our standard data centers to eliminate risks such as failure of one of the storage types.
Failover and Data Recovery
In the case that problems arise with our standard data centers, they are immediately substituted by backup databases in Prague, Brno, and Frankfurt. From there, any potentially lost data can be recovered.
All user operations are stored in ELK (Elasticsearch, Logstash, and Kibana), where we look for errors or anomalies. The data is then transferred to Amazon S3 storage for a retrospective or more detailed analysis of the problem.
We prevent problems by identifying any vulnerable areas of the system. We use automated tools like Clair and Dependabot that not only identify risk areas but also proactively search for security updates.
All data sent to or from the Reservio is transferred encrypted using 256-bit encryption. Our endpoints are secured with TLS/SSL (Transport Layer Security protocol and its predecessor Secure Sockets Layer). They have an "A+" rating in Qualys SSL Labs tests, which means we use only strong encryption suited for maximum security.
In order to comply with local privacy policies, you may choose how long you want to keep your clients' personal data. You can choose either the recommended timeframes or meet the unique needs of your business with custom settings.
Consent to receive Marketing Messages
To send your clients special offers, news, and other promotional messages about your services, you need permission from them. Reservio allows you to manage whether a confirmation prompt pops up when people book.
Terms and Conditions
If you have your own Terms and Conditions for your clientele, you can add it in the Business settings. The document will be available for your clients to read and agree when they book your services.
Incident management and Troubleshooting
In the case of unexpected downtime, Reservio uses a proven set of procedures. They lead to the immediate resolution of any problem in 24/7/365 mode. With daily backups, all data is recoverable.
In case of a forgotten password, a user is prompted to enter the email address they used to sign up. They will receive a message with a link to reset their password. Further information is not required from them.
Problems in the App
If a user comes across any problem, they can use our step-by-step guides. The user can also use the advice of our specialists and contact the Reservio Customer Care.