Security
How we protect your data and your clients' data
Security is core to Calenzi. You entrust us with your calendar, booking data, and payment information. We take that seriously and design our systems and processes to keep that data safe, available, and confidential.
Encryption
Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Keys are managed in a secure, isolated environment. We never store or log payment card numbers; Stripe handles all payment data.
Infrastructure
We run on trusted cloud providers with strong physical and network security. Services are in regions that meet our data-residency and compliance requirements. Access to production is restricted and audited.
Access and authentication
We support strong authentication and encourage MFA. Access to customer data is limited to what's needed to operate and support the product. Access is logged and reviewed.
Compliance and audits
We align with SOC 2 Type II expectations and follow security and availability controls. We work with third parties to review our practices and fix issues in a timely way.
Incident response
We have defined procedures for detecting, containing, and resolving security incidents. Affected customers are notified in accordance with applicable law and our commitments.
Reporting vulnerabilities
If you believe you've found a security vulnerability in Calenzi, please report it to us responsibly. Contact security@calenzi.com. We will acknowledge your report and work with you to understand and address it. We ask that you avoid public disclosure until we have had a chance to resolve the issue.
For general security or compliance questions, see our Privacy Policy and Terms of Service, or contact us.