QuintaGo
Documentação
← Toda a documentação
Documentação
SystemIntermediate
8 min read
Updated 1 May 2025

Security

Security is foundational to QuintaGo. Your venue data and your couples personal information are handled with the same rigour we would apply to our own data. This page documents how QuintaGo protects data, controls access, and maintains compliance.

Data encryption

All data is encrypted in transit and at rest:

  • In transit — TLS 1.3 enforced on all connections. HTTP requests redirect to HTTPS.
  • At rest — AES-256 encryption for all database records and file storage.
  • Backups — encrypted daily backups retained for 30 days, stored in a separate region.

Access control

QuintaGo uses role-based access control (RBAC) with the principle of least privilege:

  • Team members only see data their role permits
  • API keys have scopes that restrict which operations they can perform
  • Inter-service communication uses short-lived tokens, never long-lived credentials
  • All admin access to production infrastructure requires MFA

GDPR compliance

QuintaGo is fully GDPR-compliant. We act as a data processor — you are the data controller. What this means in practice:

  • Data is processed only in accordance with your instructions
  • Personal data is stored in EU data centres (AWS eu-west-1, Ireland)
  • You can export all data at any time from Settings → Data export
  • You can delete all personal data on account closure
  • A Data Processing Agreement (DPA) is available to all paying customers

Incident response

If we detect a security incident affecting customer data, we will:

  1. Contain and investigate the incident within 1 hour
  2. Notify affected customers within 24 hours via email
  3. Publish a post-incident report within 72 hours
  4. Report to supervisory authorities if required by GDPR (within 72 hours)
To report a security vulnerability, email security@quintago.io. We operate a responsible disclosure programme with a 90-day remediation commitment.

Single Sign-On (SSO)

Signature plan customers can enable SSO via SAML 2.0 or OIDC. Supported identity providers include Okta, Azure AD, Google Workspace, and any standard SAML provider. Configure SSO at Settings → Security → SSO.

Tags:securitygdprencryption

Was this article helpful?

NextStatus

Related articles

System StatusTroubleshooting