SECURITY & COMPLIANCE

Peace of mind at
every step.

From onboarding your team to processing payments and managing customer data, Tiquo has security built into every layer of the platform.

Explore the platform
Platform Security

Protection at every layer

Identity and access control

Tiquo integrates with Google, Azure, Okta, and other SAML 2.0 identity providers for Single Sign On. MFA and finely tuned permissions help enforce strong identity governance across your organization.

Continuous monitoring and alerting

Tiquo uses continuous monitoring, automated threat detection, and alerting to track anomalies and potential risks across the entire platform. All activity is logged and retained for audit and investigation.

Secure development lifecycle

Every feature follows a secure development process that includes code review, dependency scanning, static analysis, and regular penetration testing by qualified external assessors.

Encryption everywhere

All data is encrypted at rest with AES 256 and encrypted in transit with TLS 1.3. Sensitive information such as card data is tokenized by Stripe and never stored within Tiquo.

Certifications

Independent verification that you can rely on

SOC 2 Type II

Tiquo is audited annually for SOC 2 Type II, covering security, availability, processing integrity, confidentiality, and privacy. Independent auditors verify that our controls operate effectively throughout the year.

GDPR ready

Tiquo supports full GDPR compliance with tools for data access requests, data deletion, consent management, and transparent data handling practices. Customers can select their preferred data region.

PCI DSS through Stripe

Payments on Tiquo are processed through Stripe which is certified to PCI DSS Level 1. Card data is never stored on Tiquo servers, significantly reducing your compliance scope.

Infrastructure

Built on reliable, secure global infrastructure

Hosted on AWS

Tiquo operates on AWS using secure facilities in the EU and US. All data centres are SOC certified and protected with physical access controls, surveillance, resilient power and network systems.

High availability architecture

Multi zone redundancy and continuous health monitoring provide a reliable platform with minimal service interruption. Critical services include automated failover and real time scaling to maintain performance during peak demand.

Backup and restoration

Data is backed up continuously and stored in encrypted form in geographically separate locations. Restore points allow recovery from operational incidents or user error.

DDoS and network protection

AWS Shield and WAF protect against network level attacks. Intelligent filtering and rate limiting help maintain service availability even under abnormal traffic patterns.

99.99%

uptime SLA guaranteed

256-bit

AES encryption standard

24/7

security monitoring

<15min

incident response time

Data Governance and Control

Your data. Your control.

Data ownership and portability

Your organization retains full ownership of its data. Export all data at any time in standard formats including customers, bookings, payments, products, and reports.

Data lifecycle and deletion

Tiquo provides tools for customer data deletion and retention policies to support GDPR and other privacy frameworks. You can request deletion of all organizational data at any point.

Comprehensive audit logging

All actions within the platform are captured in tamper resistant audit logs. Track who accessed data, what changes were made, and when events occurred. Audit logs support forensic investigation and internal compliance standards.

Shared Responsibility

Security is strongest when it is shared

Tiquo follows the industry standard shared responsibility model. We secure the platform, infrastructure, and core services. You control access, permissions, device security, and how you use the platform. This approach creates clear accountability and ensures every layer of your environment is protected.

FAQS

How does Tiquo secure customer and business data?

All data is encrypted in transit and at rest. Access is controlled by SSO, MFA, and role based permissions. All activity is logged and monitored continuously.

What compliance certifications does Tiquo hold?

Tiquo is SOC 2 Type II certified and GDPR ready. Payment data is handled by Stripe which is PCI DSS Level 1 certified.

How does Tiquo manage infrastructure security?

Tiquo is hosted on AWS which provides global, resilient, and independently audited data centres. Redundancy, backups, and continuous monitoring ensure availability.

How are users authenticated?

Tiquo supports Single Sign On through major identity providers. Organizations can enforce MFA and control access through custom roles and permissions.

Can we export or delete our data?

Yes. Your data can be exported at any time. You can request full organizational data deletion or manage data subject requests directly within the platform.

Does Tiquo support incident response?

Yes. Tiquo maintains documented incident response procedures including detection, containment, communication, and post incident review.