Log in
Start now

The security and protection of your data is our priority.

The security and protection of your data is our priority.

A certified and sovereign SaaS event platform

Security has been an integral part of AppCraft's DNA since 2016. Our SaaS platform, 100% hosted in France, is ISO 27001 certified. ISO 27001since 2021. This is the most demanding international standard for information security management.
Every year, we gain expertise and maturity to serve you better.
We implement annual audits, full data encryption, and redundant cloud architecture to ensure the protection, availability, and integrity of your event information.

Discover our security policy
Illustration of a laptop displaying a digital padlock made up of a network of light points, symbolizing cybersecurity, encryption, and data protection on the AppCraft platform.

Data hosted in France, at OVHcloud

Digital sovereignty and GDPR compliance

All data processed by AppCraft is hosted in France, in Gravelines, in OVHcloud-certified data centers (ISO 27001, PCI-DSS, SOC 1 & 2 Type II). This approach guarantees complete digital sovereignty, strict compliance with the GDPR, and total transparency for our customers.

Learn more about our OVHcloud hosting

Secure and resilient architecture

Redundancy, load balancer, and anti-DDoS protection

Our infrastructure is based on a multi-zone architecture (Gravelines & Roubaix) with integrated load balancer and CDN.
Requests are automatically distributed across four application servers to ensure high availability (99% SLA).
OVHcloud's anti-DDoS protection, UFW firewalls, and Bitdefender antivirus software guarantee service continuity even in the event of an attack.

Discover our technical architecture

Full encryption of streams and data and HTTPS

From transmission to storage, your data is protected

All exchanges on the platform are encrypted via HTTPS and TLS 1.2.
Databases and files are encrypted at rest (AES-256), with automatic key rotation and daily backups over a rolling 15-day period.
Each sensitive file has a unique key, ensuring absolute confidentiality.

See our encryption protocols

Regular audits and penetration tests

Safety validated by independent experts

AppCraft has its platform audited at least once a year by specialized companies such as Synacktiv and Orange Cyberdefense.
We also allow our customers to perform their own penetration tests to verify the robustness of our system.

Consult our security reports upon request

Business continuity and incident management

Anticipate, protect, and recover without interruption

Thanks to a Business Continuity and Disaster Recovery Plan (BCP/DRP) that is tested annually, AppCraft guarantees the availability of its services in all circumstances.
In the event of an incident, our teams respond within 30 minutes and ensure recovery within a maximum of 4 hours during ongoing events.
Backups and restores are automated, ensuring a maximum data loss of 24 hours.

Discover our continuity plan (BCP/DRP)

Authentication, password encryption, and SSO

We raise awareness among your employees and guests during events.

For your security, AppCraft imposes requirements on your users and guests in terms of password format (length, special characters, etc.). They are then encrypted on our servers, making them unreadable, even by the AppCraft team.

For your administrators, we strongly recommend using SSO (Single Sign On) in your organization.
If you use SSO, we can implement it within 48 hours so that your employees can use this method to access their AppCraft accounts.

FAQs on Cybersecurity in Events

It certifies that our information security management system meets the most stringent international standards, covering technical, organizational, and human aspects. On organizational aspects: All AppCraft employees are made aware of and confronted with security and data protection issues: - ongoing training on security and data protection issues via chatbots - adherence to our IT charter and special provisions included in each contract - limiting employee access to data strictly necessary for their tasks (least privilege strategy) - centralized password management and fine-grained management of permissions granted to employees and/or partners

Yes, a comprehensive annual audit is conducted by an external service provider, and customer intrusion tests can be organized upon request.

The data is encrypted, stored in France, and never used for commercial purposes. It is deleted after each event, in accordance with the GDPR. Appcraft also offers detailed traceability and logging of changes made from the back office: each action is tracked, time-stamped, and linked to the account that initiated the change. Furthermore, AppCraft never shares or sells contact lists to third parties. Unfortunately, a fraudulent practice known as a "scam" may invite potential participants or exhibitors to retrieve and purchase the list of registrants. We are taking all necessary measures to put a stop to these deceptive commercial practices and we thank you in advance for your cooperation if you encounter this type of practice. What to do in case of a scam: 1 Do not reply to this email. 2 Do not open any attachments or click on any links. 3 Block the sender and mark the email as "Junk/Spam." 4 Notify us at dpo@appcraft.fr

Notre plan PCA/PRA garantit une réaction immédiate (<30 min), un rétablissement rapide du service, et une traçabilité complète des actions.

Do you have an event to organize?

Get started with Appcraft!

Get in touch with us!

Appcraft Insurance

Do as our 200+ clients, agencies, and companies have done:
choose peace of mind with the No. 1 provider.

GDPR illustration representing personal data protection, cybersecurity, and regulatory compliance for a digital platform.

GDPR
Personal data
s of your events

CSR illustration symbolizing corporate social responsibility, sustainable development, and environmental commitment.

CSR
ISO 20121:2024
s for your meetings

Illustration of modular digital interfaces representing data management, digital tools, and connected systems.

Project monitoring
100% support
s for your events

Illustration of the ISO standard representing data security, compliance, and reliability of a professional digital platform.

Cybersecurity
ISO 27001
eventech

Illustration representing a sovereign digital infrastructure in France, symbolizing secure hosting, data localization, and GDPR compliance.

Digital sovereignty

The comprehensive event platform to manage all your events
Contact us
Solutions
100% Autonomous 100% Supported 100% Agency 150 Features
About
Our company Appcraft Magazine Support Contact us
Discover our newsletter
The latest event news, resources, and best practices delivered to your inbox every month
Our certifications
ISO 27001 certification icon symbolizing information security, data protection, and IT risk management.GDPR icon representing European GDPR compliance and personal data protection in a secure digital solution.ISO 20121 certification icon illustrating responsible event management and commitment to sustainable development.
Our partners
Freelance event professionals collaborating on the organization and management of professional events via a centralized digital platform.
Copyright © 2026 - APPCRAFT - All rights reserved - Legal notices - Privacy policy - ISO27001 security policy - Sustainable development policy - Product sheets - Features