SECURITY & COMPLIANCE
Under the marketing,
a secure foundation.
Guest data is sensitive. Useroam is built on encryption, access control, consent-based data and compliant logging.
Data hosting
Guest data and access records are hosted on dedicated infrastructure. Where local law requires it, access logs are kept as signed, timestamped records for the mandated retention period.
Encryption
All traffic is encrypted with TLS; the admin panel and API run over HTTPS.
Access control
Admin access is protected with 2FA, and role-based permissions apply across partner and staff accounts. Critical actions are logged for audit.
Consent-first data
Guests are informed on the welcome screen; marketing consent is captured separately and kept auditable. Campaigns only reach guests who explicitly opted in.
Backups & continuity
Data is backed up regularly and service availability is monitored.
Subprocessors
Subprocessors, including SMS/WhatsApp providers and hosting, are bound by contract; a current list is available on request.
Frequently asked questions
Where is my data stored?
Can I get a DPA?
Who owns the guest data?
Talk to our team.
Reach us for a DPA, subprocessor list or any security question.