Safe Cloud Bookings

We use some of the most advanced Internet security technologies available. The BookingFor application is hosted on Microsoft Azure which boasts international compliance standards as one of its main strengths, complying with the requirements of ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2. Microsoft was also the first company to adopt the uniform international code of practice for privacy in the cloud, ISO/IEC 27018, which regulates the processing of personal information by the cloud service provider. The web services are protected by a 256-bit industry standard SSL encrypted certificate.


Our systems are PCI DSS compliant, and our PCI-DSS compliance is validated by a specific authorised company.

It is your data – We will keep it safe

You own all of the data associated with your subscription account, including transactions and data related to your customers. We provide the service and maintain the integrity of your data. No document will be deleted as long as your Subscription Account remains valid. You can export part or all of your data, at any time and in a multitude of portable formats, including XML, CSV and MS Excel®.

We automatically carry outencrypted backups to ensure your data is safe and protected.

We host and maintain your back-office application and look after future patches and updates for you.

We are constantly improving our features, we provide free updates and regularly add new functions, without any additional cost to you.

Please read our Privacy policy for further information.

Remote Vulnerability Scanning

BookingFor is subject to regular PCI compliance scans to ensure we are PCI-DSS compliant. These scans check for known vulnerabilities and common security flaws in the server configurations. They are performed by our security compliance provider.

Fast and High Availability Hosting

To offer the utmost reliability and performance, BookingFor operates on Microsoft Azure with a redundant data centre in two different locations in Europe.

PCI Policy

BookingFor is PCI DSS compliant. This compliance extends to all accounts managed by BookingFor and all transactions processed through our system.

The PCI Data Security Standard (PCI DSS) was created by the major credit card companies to guarantee the adoption of consistent security measures by all merchants.

The PCI standards are divided into six categories, which must be complied with in order for a merchant to be deemed compatible:

  • Maintain a secure network;
  • Maintain a vulnerability management program;
  • MMonitor and test networks regularly;
  • Protect card holders’ data;
  • Implement strong measures to control access;
  • Maintain an information security policy.

BookingFor saves cardholders’ data with all of the required security policies and/or entrusts the entire management to third party payment gateways. Our third party service providers process payments and store cardholders’ data. All of the third party payment processes supported by BookingFor are PCI DSS certified.

* Note that your bank may have additional PCI compliance requirements. Software as a Service (SaaS) applications, such as BookingFor, are classed as Service Providers. PCI compliance is only confirmed for accounts that use a compatible payment gateway.

Please refer to our Terms of Service for our Privacy policy and the Protection of Data, and our Term of Use, or contact us for information about our PCI policy and compliance.