Infrastructure
Bokko's primary application infrastructure and database run on Google Firebase / Google Cloud Platform (GCP) in the europe-west1 (Belgium) region — primary data storage and backend processing take place within the EU.
- Database: Google Cloud Firestore — with native data durability and platform-level replication
- Backend: Firebase Cloud Functions — serverless, isolated execution environment
- Hosting: Firebase Hosting — Google-managed SSL certificate, HTTP not permitted
- Authentication: Firebase Authentication — Bokko never sees or stores passwords in plaintext
Access & encryption
Encryption
- All data travels over HTTPS/TLS-protected channels; transport security parameters are managed by the Google/Firebase infrastructure layer
- Data at rest is protected with AES-256 encryption (Google platform-level control)
Access control
- Default deny: access is only permitted with explicit authorisation — anything not allowed by the rules is denied
- Data isolation: each provider can only access their own data; access to other subscribers' data is technically impossible
- Critical operations: billing and subscription status changes cannot be performed from the client — only via backend components
- Admin access: Firebase Console protected with MFA; access to the production infrastructure is restricted and minimised
- Secrets: API keys and webhook secrets are stored in Google Cloud Secret Manager; they never appear in code
Monitoring
Critical and security-relevant events are logged and monitored. When an incident is detected, we follow our internal incident response procedure.
Backups & recovery
Bokko relies on Firestore's platform-level durability and on recovery controls configured in the production environment. Exact restore options depend on the active Firebase / GCP configuration.
- Platform durability: Firestore's native durability and replication mechanisms reduce data-loss risk
- Production recovery controls: available restore options depend on the active operations configuration
- Backend redeployability: backend components can be redeployed from version-controlled source
Data handling & retention
Bokko applies a retention policy and removes expired data through an automated, scheduled process:
- Closed bookings: deleted after 60 months (5 years)
- Inactive guest profiles: deleted after 60 months (5 years) of inactivity
- Billing records: retained in accordance with applicable accounting legislation
Details: Retention & deletion policy
Payment security
Bokko does not handle or store payment card data. When online payments are enabled, transactions are processed on the active external payment page used by the provider (for example Stripe Hosted Checkout, Barion or SimplePay) — card data is processed exclusively within that payment provider's infrastructure.
Bokko only receives transaction status and related billing metadata from the active payment integration, via webhook or API channels protected with signature verification and replay safeguards where applicable.
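How a webhook receiver can combine signature verification with replay safeguards, shown as an added example; it is not Bokko's code or any payment provider's SDK. The `t=<unix>,v1=<hex>` header layout, the 300-second window, the `id` field and the in-memory map (a stand-in for a durable store) are assumptions made for illustration.

```javascript
"use strict";
const crypto = require("crypto");

const TOLERANCE_SECONDS = 300;   // assumed freshness window
const seenEventIds = new Map();  // eventId -> expiry; in-memory stand-in for a durable store

// Sender side: HMAC-SHA256 over "<timestamp>.<raw body>". Used here to build sample requests.
function sign(secret, timestamp, rawBody) {
  return crypto.createHmac("sha256", secret)
    .update(`${timestamp}.${rawBody}`).digest("hex");
}

// Receiver side. `header` has the hypothetical form "t=<unix>,v1=<hex>".
// Returns { ok, reason } so callers can log why a delivery was rejected.
function verifyWebhook(secret, header, rawBody, nowSeconds) {
  const parts = Object.fromEntries(
    String(header).split(",").map((kv) => kv.trim().split("=", 2)));
  const timestamp = Number(parts.t);
  if (!Number.isInteger(timestamp) || !/^[0-9a-f]{64}$/.test(parts.v1 || "")) {
    return { ok: false, reason: "malformed-header" };
  }
  // 1. Authenticate the raw bytes before parsing them; compare in constant time.
  //    Both buffers are 32 bytes here, which timingSafeEqual requires.
  const expected = Buffer.from(sign(secret, timestamp, rawBody), "hex");
  if (!crypto.timingSafeEqual(expected, Buffer.from(parts.v1, "hex"))) {
    return { ok: false, reason: "bad-signature" };
  }
  // 2. Reject deliveries outside the freshness window (the timestamp is covered by the MAC).
  if (Math.abs(nowSeconds - timestamp) > TOLERANCE_SECONDS) {
    return { ok: false, reason: "stale-timestamp" };
  }
  // 3. Reject a second delivery of the same event inside the window.
  let eventId;
  try { eventId = JSON.parse(rawBody).id; } catch (e) { eventId = undefined; }
  if (typeof eventId !== "string") return { ok: false, reason: "malformed-body" };
  for (const [id, expiry] of seenEventIds) {
    if (expiry < nowSeconds) seenEventIds.delete(id); // entry is past the window anyway
  }
  if (seenEventIds.has(eventId)) return { ok: false, reason: "replayed-event" };
  seenEventIds.set(eventId, timestamp + TOLERANCE_SECONDS);
  return { ok: true, reason: "accepted" };
}
```

The receiver must be handed the request body exactly as received; re-serialising parsed JSON before verification changes the bytes and breaks the MAC.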
GDPR & data protection
Bokko's data handling and processing practices have been designed with GDPR requirements in mind.
- Privacy policy: detailed description of purposes, legal bases and data subject rights
- Data processing agreement (DPA): GDPR Art. 28 data processing agreement for all active subscribers
- Data subject rights (DSAR): access, erasure, rectification and portability requests handled via support@bokko.app, within 1 month
- Incident response: in the event of a data breach, we act in accordance with applicable GDPR obligations, including supervisory authority notification where required
- Sub-processors: the full list and applicable data transfer safeguards are publicly available
Documents: Privacy policy · DPA annex · Sub-processors
Third-party providers
Bokko uses the following infrastructure and communications providers. Details of data transfer safeguards and compliance frameworks for each provider are available in the sub-processor register.
| Provider | Role | Compliance framework |
|---|---|---|
| Google Firebase / GCP | Infrastructure, database, authentication, hosting, analytics | ISO 27001, SOC 2 Type II, DPF, SCC |
| Google Calendar API | Optional calendar sync | ISO 27001, SOC 2 Type II, DPF, SCC |
| Stripe Inc. | Payment processing (Bokko billing) | PCI DSS Level 1, SOC 2 Type II, DPF, SCC |
| Barion, SimplePay | Optional payment providers | According to the providers' own compliance and contractual frameworks |
| Spoje.net, s.r.o. (BulkGate) | SMS reminders | GDPR (EU-based; delivery chain may involve third-country transfers) |
| Mailjet (Sinch) | Email notifications | Primarily within the EEA; SCC where applicable |
| Sentry | Error monitoring and diagnostics | According to the provider's own compliance and contractual framework |
| Billingo, Számlázz.hu | Optional invoicing providers | According to the providers' own compliance and contractual frameworks |
Contact
- Privacy enquiries and data subject rights (DSAR): support@bokko.app
- Security disclosures: If you discover a vulnerability, please contact us by email before public disclosure so we have the opportunity to fix it — support@bokko.app
- Operator: Mácsik Dávid (private individual, Open Beta operation)