EU hosting
All data is hosted with European providers inside the EU/EEA. Data does not leave the EU in normal operations. Any onward transfers happen on the basis of the EU Commission's Standard Contractual Clauses (SCCs).
Encryption
- All traffic is encrypted with TLS 1.2+ between browser, app and servers.
- Data is encrypted at rest (AES-256) in the database and file storage.
- Passwords are hashed with industry-standard algorithms — never stored in plain text.
Backups
- Automated daily database backups
- Point-in-time recovery for the past 7 days
- Backups are encrypted and stored in the EU
Access control and roles
Appointrdy uses role-based access control (RBAC). Users see only the data their role permits — for example admin, foreman or field crew. Row-level security in the database keeps each company's data fully isolated.
GDPR
We process personal data in line with GDPR. See our privacy policy and data processing agreement. You always own your data and can export or delete it at any time.
Internal security at Appointrdy
- Principle of least privilege for staff
- Two-factor authentication on all internal admin accounts
- Access is logged and reviewed regularly
- Secure development process with code review and automated tests
Incident response
In the event of a security breach we notify affected customers without undue delay — and within 72 hours of becoming aware — in line with GDPR Art. 33.
Report a vulnerability
Found a possible security issue? Send a confidential report to hello@appointrdy.com. We take every report seriously and will reply as quickly as possible.