Features / Security & Compliance

Security & Compliance

Enterprise-grade security built into every layer. Your property data, guest information, and business operations are protected by design, not as an afterthought.

🛡
GDPR SSL SOC 2 ISO 27001

Security at Every Layer

From the infrastructure to the application layer, TIOO implements defence in depth to keep your data safe and your operations running smoothly.

🔒

Complete Data Separation

Every organisation’s data is completely isolated from all others — by design, not as an afterthought. Data from one property can never leak into another.

🔥

Rate Limiting

Intelligent rate limiting protects login, signup, password reset, and API endpoints. Abusive traffic is blocked automatically with configurable thresholds and cooldown periods.

🔏

Account Protection

Automatic account lockout after repeated failed login attempts. Combined with email verification, phone verification, and optional two-factor authentication.

Comprehensive Audit Logging

Every sensitive operation is recorded in the Audit Log. Know who did what, when, from where, and with what result. Logs are retained for 12 months and can be exported to CSV.

  • Login and logout tracking with IP addresses
  • Settings changes with before/after values
  • Team member invitations and removals
  • Reservation modifications and cancellations
  • Guest data access and deletions
  • Payment and invoice operations
  • Filterable by user, action type, and date range
  • CSV export for compliance reporting
📜 Audit Log Last 24 hours
John Smith14:32
Updated room pricing for Ocean View Suite
Emma Wilson13:15
Invited new team member Maria Santos as Cleaner
John Smith11:48
Exported guest data for GDPR request
System09:00
Auto-deleted 3 expired guest ID photos (90-day policy)

GDPR & Data Protection

Built with European data protection regulations in mind. TIOO gives you the tools to comply with GDPR requirements for your property business.

📦

Data Export

Export all data for any guest or your entire organisation in standard formats. Fulfil Subject Access Requests (SAR) with a single click from your admin panel.

🗑

Data Deletion

Delete guest data permanently when requested. Guest ID photos are automatically removed after 90 days. Full account deletion with data cleanup on offboarding.

📜

Privacy by Design

Guest ID photos stored in encrypted private storage. Minimal data collection. Clear privacy policy and cookie consent. No tracking without consent.

🔐

Secure Infrastructure

SSL/TLS encryption for all connections. Data encrypted at rest with secure, protected infrastructure. Automated error monitoring with sensitive data scrubbing.

🛡 API Quota & Abuse Prevention

Usage quotas per plan ensure fair access for all customers, while built-in abuse prevention keeps the platform fast and reliable for everyone.

Your data, protected by default

Security isn't an add-on — it's built into every layer of TIOO.

Start Free Today View All Features