Your data is safe with us.
Security is not an afterthought — it's the foundation everything at HotelX is built on. We protect hotel and guest data with the same rigor you'd expect from a financial institution.
Encryption
AES-256 encryption at rest and TLS 1.3 in transit. Every byte of data is protected, whether it's moving or stored.
Authentication
Passwords hashed with bcrypt, secure session tokens with automatic rotation, and optional two-factor authentication.
Infrastructure
Hosted on AWS eu-central-1 (Frankfurt) with VPC isolation, private subnets, and automated backups every 6 hours.
Monitoring
24/7 uptime monitoring with anomaly detection. Our incident response team is on-call and responds within 1 hour.
Compliance
Fully GDPR compliant. SOC 2 Type II aligned practices. Regular third-party audits validate our security controls.
Access Control
Role-based access with the principle of least privilege. Every action is logged in a tamper-proof audit trail.
Responsible Disclosure
Found a vulnerability? We appreciate responsible disclosure. Please report security issues to security@hotelx.app. We commit to acknowledging reports within 24 hours and providing a resolution timeline within 72 hours.
Have questions about our security practices? Get in touch.