Security and Privacy

Automatic Data Deletion

We delete all your data 90 days after you cancel. Need it gone sooner? Just ask.

EU Data Storage

All production data is stored in Germany. Your data never leaves the EU.

Purpose Limitation

Your clients' data is used only to send their appointment reminders. We never use it for marketing, profiling, or anything else.

Credit Card Data

Your credit card details never touch our servers. Stripe handles all payment processing and is fully PCI compliant.

Staff Access

No one on our team — including management — can see your credit card information.

Secure Hosting

RicordamiApp runs on DigitalOcean cloud infrastructure in Germany. DigitalOcean holds ISO 27001 and SOC 2 certifications. We follow their best-practice guides and review server logs regularly for suspicious activity.

Database Encryption

All data is encrypted at rest and in transit using AES-256-GCM. Unencrypted access is not possible.

Advanced Web Protection

Cloudflare WAF shields the app from SQL injection, XSS, and other exploits. Cloudflare also provides DDoS protection and geographic filtering to block traffic from high-risk regions.

Secure Web Traffic

All traffic is encrypted with TLS 1.2+. The app only accepts HTTPS connections.

Official APIs

Two-Factor Authentication (2FA)

We require 2FA on every system that supports it, covering infrastructure and customer data access.

Password Management

Every team member uses a password manager so every credential is strong and unique.

Limited Access

Only vetted team members can access personal data. When someone leaves the team, we revoke all their access immediately.