Security

Boring, load-bearing security.

Most booking platforms treat security as a badge. We treat it as the minimum contract we owe every operator.

PCI-DSS

Inherited via Stripe/Adyen

Cards never touch our servers — tokenized at the gateway.

GDPR

Compliant

Full data export + deletion, Article 17 ready, DPA on request.

CCPA

Compliant

Right-to-know + delete honored. Sale opt-out n/a — we don't sell data.

SOC 2 Type I

Planned, not yet scheduled

Controls in place; we'll engage an auditor when customer demand justifies the spend.

Tenant isolation

Every row in the database is scoped by workspace. A bug in one workspace's code path physically cannot read another's data.

Encryption everywhere

TLS 1.3 in flight. AES-256 at rest for backups and any secret we store. Per-workspace payment secrets are envelope-encrypted.

Least-privilege access

Role-based permissions per workspace. Granular permissions per area (products, bookings, members). Session tokens rotate on every use.

What we ship today

  • Short-lived access tokens paired with single-use refresh tokens. Reuse of a rotated refresh token revokes the session as a compromise signal.
  • Per-account signing keys for webhook integrations. Your signing secret isn't shared across workspaces.
  • Idempotency keys on every mutating endpoint so retries are safe.
  • Audit trail on every workspace mutation (who, when, what).
  • Data export / delete on demand, honouring GDPR Article 17 / CCPA deletion rights.
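The refresh-token behaviour in the first item above (single use, with reuse of a rotated token revoking the session), as an added sketch that is not TripStub's code. The class and function names, the in-memory store, the dict standing in for an access token and the 300-second lifetime are all assumptions made for illustration.

```python
import hashlib
import secrets
import time

ACCESS_TTL = 300  # seconds; assumed value, the page only says "short-lived"


class SessionRevoked(Exception):
    """Raised when a refresh token is unknown, revoked, or replayed."""


class RefreshStore:
    """Hypothetical in-memory model; a real service would persist records."""

    def __init__(self):
        self._tokens = {}      # sha256(token) -> {"session": id, "used": bool}
        self._revoked = set()  # session ids killed after a reuse signal

    @staticmethod
    def _digest(token):
        # Keep only a hash so a leaked table does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def _mint(self, session_id):
        token = secrets.token_urlsafe(32)
        self._tokens[self._digest(token)] = {"session": session_id, "used": False}
        return token

    def login(self):
        """Start a session and return its first refresh token."""
        return self._mint(secrets.token_hex(8))

    def refresh(self, token, now=None):
        """Exchange a refresh token for (access_claims, new_refresh_token)."""
        rec = self._tokens.get(self._digest(token))
        if rec is None or rec["session"] in self._revoked:
            raise SessionRevoked("unknown token or revoked session")
        if rec["used"]:
            # A rotated token came back: the client or a thief holds a stale
            # copy. Revoke the whole session, not just this one token.
            self._revoked.add(rec["session"])
            raise SessionRevoked("refresh token reuse detected")
        rec["used"] = True
        now = time.time() if now is None else now
        access = {"session": rec["session"], "exp": now + ACCESS_TTL}
        return access, self._mint(rec["session"])
```

Revoking by session rather than by token is what makes reuse a compromise signal: after a replay, the newest token in the chain stops working too, whoever holds it.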

What's in progress

  • TOTP 2FA for workspace owners — currently being rolled out.
  • SOC 2 Type I — the controls are already in place; we'll engage an auditor when a customer that needs the attestation asks for it. Happy to provide our controls documentation in the meantime.
  • SAML / OIDC SSO for operators with a central identity provider — planned, still free when it lands.

Responsible disclosure

Security-first

Found a vulnerability? Email security@tripstub.com. We triage within four hours during business days. No bug-bounty program yet, but responsible disclosure gets public credit (opt-in) and our sincere thanks.

Please don't run automated scanners against production — we see them, and they slow down real triage. Point-in-time tests against your own workspace are fine.

Sub-processors

A short list of vendors helps run the platform. Each has a signed DPA with us and is chosen for its security track record. The current list is available on request — email privacy@tripstub.com.