Last Updated on 17 Dec 2025
At VacationTracker, protecting customer data is a core part of how we design and operate our service.
Infrastructure
VacationTracker is hosted using reputable cloud infrastructure providers. Customer data is stored in professionally managed environments with physical, network, and operational security controls.
Access Controls
Access to production systems is restricted to authorized personnel only.
Security measures include:
- Role-based access controls
- Principle of least privilege
- Multi-factor authentication for administrative access
- Administrative activity logging
Data Protection
- Encryption in transit using TLS
- Encryption at rest for customer data
- Secure storage of credentials and authentication tokens
Monitoring and Operations
We maintain operational procedures designed to support service reliability and security, including:
- Security patch management
- Vulnerability monitoring
- Backup procedures
- Incident response processes
Incident Response
We maintain procedures for investigating and responding to security incidents.
In the event of a confirmed breach affecting customer data, affected customers will be notified without undue delay.
Privacy and Compliance
VacationTracker operates in accordance with applicable data protection laws, including the EU GDPR and UK GDPR.
Additional information is available in our Privacy Policy and Data Processing Agreement.
Contact
Security-related questions may be directed to:
security@vacationtracker.com