How secure is my data?

At Classta, we take the security, privacy, and reliability of your data very seriously. This article explains how your data is protected, how backups work, and how we comply with UK & EU data-protection laws.

🔒 Infrastructure & hosting

Classta is built on modern, professionally managed cloud infrastructure designed for reliability and security.

  • UK & EU hosting

    Our primary infrastructure is hosted in the UK and EU.

    Our database is hosted in the EU (London region), and our application servers run in the UK.

  • Redundant application servers

    Classta runs on multiple live server instances for resilience. If one instance becomes unavailable, traffic is automatically routed to another, helping ensure continued availability.

  • Secure, monitored environment

    Infrastructure is protected by firewalls, access controls, and continuous monitoring for errors or unusual activity.

💾 Backups & disaster recovery

Your data is protected with multiple layers of backup and recovery:

  • Point-in-time recovery (up to 7 days)

    Our database supports instant recovery to any point in time within the last 7 days, allowing us to undo accidental deletions or corruption quickly if ever required.

  • Nightly database snapshots

    In addition to continuous recovery, nightly snapshots are taken and stored separately from the live system.

  • Isolated backups

    Backups are stored independently of the live database to protect against system failure or human error.

This combination provides strong protection against data loss while keeping recovery fast and reliable.

🔐 Data security

We follow industry-standard best practices to protect your data:

  • Encrypted connections

    All data is transmitted using HTTPS with TLS encryption.

  • Restricted access

    Only authorised Classta systems and staff can access production data, and access is tightly limited and logged.

  • No shared customer access

    Each account’s data is logically isolated from other customers.

🧾 GDPR & data protection

Classta is designed to comply with UK GDPR and EU GDPR requirements.

  • Clear roles

    You are the data controller for your clients’ data.

    Classta acts as a data processor on your behalf.

  • Minimal data collection

    We only collect data necessary to provide class bookings, attendance tracking, memberships, and payments.

  • Data rights supported

    You can export or delete your data at any time. Client data can also be removed to support access or erasure requests.

  • No data selling

    We never sell, rent, or share your data with third parties for marketing or advertising.

💳 Payments & card security

Classta does not store card details.

  • All payments are handled by PCI-DSS compliant payment providers.
  • Classta only stores secure payment references required to manage bookings and subscriptions.

This significantly reduces risk and keeps sensitive financial data out of our systems.

👤 Your role in keeping data secure

You can help keep your account secure by:

  • Using a strong, unique password
  • Not sharing login details
  • Logging out on shared or public devices

❓ Questions?

If you have any questions about security, backups, GDPR, or need documentation for your own compliance records, please contact support and we’ll be happy to help.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us