Security & Compliance

Trust through transparency.

The security of your data and your clients' data is at the heart of Wave's design.

Our commitments

Data encryption

Data is encrypted at rest and in transit. Communications between the app and our servers use secure protocols (TLS).

Data isolation

Each establishment has its own logically isolated data space. One client's data is never accessible by another.

Access control

A role-based system precisely defines what each team member can see and do. Sales associate, manager, administrator: each has their own scope.

Regular backups

Data is backed up regularly. In the event of an incident, rapid restoration is possible.

Audit trail

Important actions can be logged (optional). Available on request to meet your internal compliance obligations.

GDPR best practices

Wave is designed in accordance with GDPR principles: data minimisation, restricted access, documentation available on request.

TLS 1.3

Encryption protocol

EU Hosting

Data in Europe

24/7

Infrastructure monitoring

Frequently asked questions

Where is the data hosted?

Data is hosted in European data centres. We favour providers that comply with current European regulations.

Who can access my data?

Only team members with the appropriate permissions can access your establishment's data. Our technical teams only access it in a support context, with your agreement.

Is Wave GDPR compliant?

Wave is designed in accordance with GDPR principles. For specific questions, contact us to obtain our compliance documentation.

What happens if I cancel my subscription?

Upon cancellation, your data remains available for 30 days to allow you to export it. It is then deleted from our servers.

Do you have a Data Protection Officer?

For any data protection questions, you can contact us at privacy@digital-haute-couture.com.

Questions about security?

Our team is available to address your specific compliance requirements.