Security & payments

Platform security §1

diidum operates using industry-standard security practices appropriate for e-commerce services. Access to administrative systems is restricted to authorised personnel only, and all connections to our websites are protected using encrypted HTTPS connections.

Payment processing §2

All payments made through diidum.com and events.diidum.com are processed securely by Stripe, a global payment service provider certified as a PCI DSS Level 1 service provider. diidum does not store, process, or transmit full credit or debit card numbers on its own systems — payment card information is entered directly into Stripe-hosted components and handled exclusively by Stripe.

PCI DSS compliance §3

diidum operates under the Payment Card Industry Data Security Standard (PCI DSS) using a PCI-compliant third-party payment processor. Our platform is structured so that cardholder data does not pass through or reside on diidum infrastructure — reducing risk and ensuring sensitive payment information is handled only by specialised, independently audited systems.

Data protection §4

Personal information collected during event registration is protected using appropriate technical and organisational safeguards. We limit data access to what is necessary for platform operations, customer support, and legal compliance. diidum does not sell personal data and shares registration data only with the relevant event organiser to enable them to manage their event.

Hosting & infrastructure §5

diidum's platform is hosted within a professionally managed virtual private server (VPS) environment and maintained using secure system configurations and regular updates. All infrastructure is EU-based.

Responsible disclosure §6

We take security concerns seriously. If you believe you have identified a security issue affecting diidum, please report it responsibly via our contact page so we can investigate promptly.