NewThe Appointer Marketplace is coming soon — get discovered by clients near you.Stay tuned
Security & trust

Your data, treated like ours.

EU hosting, encryption in transit and at rest, GDPR tooling built in — and your money never passes through us.

Encryption in transit & at rest

TLS on every connection and encrypted storage at rest. Tenant payment keys get an extra layer — AES-256-GCM at the application level.

EU-hosted

Amsterdam, the Netherlands — on Google Cloud infrastructure via Railway, in ISO 27001-certified data centers. Your data stays in the EU.

GDPR tooling built in

Export or permanently delete a client's data directly from the admin. Data Processing Agreement available on request.

Account security

Passwords hashed with scrypt, optional two-factor (TOTP) with one-time recovery codes, and password changes that invalidate open sessions.

Your money never touches us

Online payments settle directly with your payment provider (LiqPay or Stripe). We never hold your funds, and card data never reaches our servers.

Tenant isolation & audit

Every query is scoped to your business at the database level. Sensitive operator actions are recorded in an audit log.

Reporting a vulnerability

Found a security issue? Report it through our contact form (Bug report) — you'll get a ticket reference right away. We acknowledge reports within 24 hours and prioritize verified critical issues.