Security & Trust
Your data is safe with Riddlio
Security is not an afterthought. Every feature in Riddlio is built with data protection in mind — from encryption and access control to backups and compliance.
TLS 1.3 Encryption
Bank-grade transport security
GDPR Compliant
EU privacy regulation compliant
PCI-DSS via Stripe
Payment data never touches our servers
2FA Support
TOTP-based two-factor auth
Encryption in Transit
All data is encrypted in transit using TLS 1.3. Your customer data, booking details, and payment information are protected at every layer.
Automated Backups
Daily automated backups with 30-day retention. In the unlikely event of data loss, we can restore your account to any point in the last 30 days.
Role-Based Access Control
Assign staff to specific roles with granular permissions. Control who can view bookings, manage pricing, issue refunds, or access customer data.
Two-Factor Authentication
Enable 2FA on all admin accounts using Google Authenticator or any TOTP app. An extra layer of security beyond passwords.
GDPR & Privacy Compliant
Full GDPR compliance with data export, data deletion, and customer consent management. We never sell or share your data with third parties.
Data Ownership & Export
You own your data, period. Export everything as CSV or JSON at any time. If you leave, we delete your data within 30 days — no lock-in.
Secure Payment Processing
Payments are processed by PCI-DSS compliant providers (Stripe, Square). Riddlio never stores raw credit card numbers — only encrypted tokens.
Have security questions?
We are happy to provide our full security documentation, data processing agreement, and compliance details. Contact our team for a security review.