geteventriX is built for organizations that answer to legal, finance, and their attendees. Here's exactly how we protect the data you put in the platform.
AES-256 encryption at rest for all customer data; TLS 1.3 for every connection in transit. Payment credentials never touch our servers โ they are tokenized by the gateway.
Card processing is delegated entirely to certified processors (Nexpay, Stripe, PayPal). geteventriX stores no PANs, CVVs, or magnetic-stripe data โ only gateway tokens and settlement references.
Data export, right-to-be-forgotten workflows, consent management, and EU data residency. Signed DPAs available for all EU customers, with sub-processor transparency.
Every webhook is signed with HMAC-SHA512 and verified with constant-time comparison. API access uses scoped keys with per-tier rate limits and full audit trails.
Role-based permissions (admin/manager/staff/viewer), SSO via SAML and OAuth on Enterprise, mandatory 2FA options, session management, and device tracking.
Multi-AZ PostgreSQL with point-in-time recovery, daily encrypted backups, DDoS mitigation at the CDN edge, and isolated tenants with row-level security.
We're happy to complete security questionnaires, share pen-test summaries, and sign DPAs. Typical turnaround is three business days.
Contact security team โ