Security & Data Protection

Your data security is our top priority

Last Updated: February 20, 2026

At My Schedule App, we take security seriously. This page outlines our infrastructure, data location, transport and edge security, access control, logging, maintenance, cookies, and how to report vulnerabilities.

1. Infrastructure & Hosting

  • Hosted in ISO/IEC 27001:2022 certified European data centers operated by Hetzner Online GmbH (Germany).
  • All production infrastructure located within the European Union.
  • Strict physical access controls and monitored facilities.
  • Redundant power and networking infrastructure.

2. Data Location & Sovereignty

  • All customer data stored within the European Union.
  • EU-first hosting strategy aligned with GDPR technical and organizational measures (TOMs).

3. Transport Security (TLS)

  • All traffic encrypted in transit using modern TLS protocols.
  • TLS 1.3 supported.
  • TLS 1.2 supported for compatibility.
  • TLS 1.1, TLS 1.0 and SSL disabled.
  • TLS enforced at the edge via Cloudflare.
  • Configuration achieves A+ rating on SSL testing platforms.

4. Edge Security & DDoS Protection

  • Cloudflare used for HTTPS termination and edge security.
  • Traffic filtering and DDoS mitigation.
  • Global content delivery optimization.

5. Infrastructure Architecture & Resilience

  • We use a redundant, replicated database architecture to ensure availability and data resilience.
  • Private internal networking between infrastructure components.
  • Firewall-restricted database access.
  • Automated backups.
  • Backups are protected with strict access controls.
  • Monitoring and alerting for system health.

6. Access Control & Authorization

  • Role-Based Access Control (RBAC).
  • Tenant data separation.
  • Least-privilege internal access policies.
  • Restricted administrative access.

7. Logging & Monitoring

  • Application-level audit logging.
  • Infrastructure monitoring.
  • Administrative action tracking.
  • Automated alerting for abnormal activity.

8. Maintenance & Patch Management

  • Regular OS updates.
  • Backend dependency updates.
  • Timely security patch application.
  • Ongoing infrastructure configuration review.

9. Cookies & Transparency

  • Essential cookies required for core platform functionality.
  • Analytical cookies used to improve performance and usability (where applicable).
  • Transparent cookie disclosures in our Cookie Policy.
  • User control options for non-essential cookies via our consent mechanism.

10. Vulnerability Reporting

Security issues can be reported to [email protected].

Security Contact

[email protected]

Responsible disclosure reviewed promptly.

Security at a Glance

TLS & Encryption

Modern TLS and encrypted data at rest

Resilience & Backups

Redundant architecture and encrypted backups

Monitoring & Logging

Audit logging and automated alerting

EU & GDPR

EU data location and GDPR-aligned measures

Ready to get started?

Join businesses that trust My Schedule App for secure scheduling.

Get Started Contact Us

We use cookies for essential functionality and, with your consent, analytics. See our Cookie Policy.