Shared customer record
Profiles, bookings, orders, payments, messages, and marketing history stay in one operating context.
TRUST · DACH-NATIVE
Encryption at rest. Tokenized payments. Audit trail you can read.
Built for DACH SMB operators in gastronomy, hospitality, retail, and e-commerce. Card data tokenized at the edge by a PCI-DSS Level 1 certified payments partner. Workspace-level roles for every action. Audit-ready exports for KassenSichV, GoBD, and DATEV. EU-hosted by default.
What's locked down by default.
-
EU data residency
EU-hosted with documented subprocessors, DPA, and SCCs for any cross-border transfer.
-
Encryption everywhere
TLS 1.3 in transit. AES-256 at rest. Per-customer key separation for sensitive fields.
-
PCI-DSS payments partner
Card data is tokenized at the edge by a PCI-DSS Level 1 certified payments partner. Your servers never see a PAN.
-
GDPR + DPA
Data Processing Agreement on every plan. SCCs for sub-processors. Full audit trail.
-
Strong Customer Authentication
PSD2-compliant 3DS2 + frictionless flows. Exemptions handled automatically.
-
Ongoing monitoring
Logging and alerting on critical paths. Documented incident-response process.
Operational controls
Roles, audit, and 2FA, on by default.
Role-based workspace permissions Admin action audit trails Session and device controls 2FA and step-up authentication Payment tokenization Data processing agreements
Documents
Read the underlying terms and policies.
Talk to securityUnder the surface
Every page connects back to the same operating system.
Even company, security, and press pages should make the operating model clear: one record, clear controls, and apps that work together.
Roles and controls
Locations, teams, approvals, audit trails, and exports are part of the system instead of afterthoughts.
Payments and hardware
Terminals, online checkout, wallets, links, payouts, and reconciliation work beside POS and back office.
Operational reporting
Revenue, inventory, staff, bookings, and campaigns are read from the same sources.