Enterprise-grade. Hospitality-ready.
withQ handles real guest data — reservation details, payment information, PII — for hotels and resorts on four continents. Security isn’t a feature. It’s the floor.
Audited, attested, and compliant.
The frameworks below cover how we handle security, payments, and personal data — the table stakes for every hotel, resort, and travel brand we work with.
SOC 2 Type II
Independently audited controls for security, availability, and confidentiality. Annual SOC 2 Type II report available on request under NDA.
PCI DSS
Card data is tokenized through certified payment processors and never persists in our application database. Annual PCI DSS attestation maintained.
GDPR
EU resident data is processed under our Data Processing Agreement, with rights handling, export, and deletion workflows built into the product.
Want the full breakdown?
Our Trust Center has the policy library, sub-processor list, vulnerability disclosures, audit reports, and live status. It’s the source of truth for security and compliance documentation.
Visit Trust Center →Ready to put withQ on every line?
Talk to us about pilot programs, security reviews, and procurement.
Book a demo →