Security & privacy
Trust is the product. Here’s exactly how isot handles money, data and your guests.
We never touch the money
No in-app payment, no card data stored or transmitted by isot. Guests pay your server in person — cash or your existing terminal. Your PCI scope doesn’t grow.
Your guests & data are yours
isot is your channel, not a marketplace. Customer lists, order history and reviews belong to your venue and are exportable any time.
KVKK & GDPR-aligned
Lawful-basis processing, data minimisation, right to access and erase, and EU/Türkiye-appropriate data handling. A DPA is available for operators.
Encrypted in transit & at rest
TLS everywhere, encrypted storage, role-based access with per-staff PINs, and audit logs across all four apps.
Resilient by design
The floor keeps working through brief network blips; orders reconcile automatically when the connection returns.
Legal or security questions? Email security@isot.app