CampOne is hosted exclusively in Swiss data centres and built from the ground up to the revised Federal Act on Data Protection. This is how we keep it safe.
Where your data lives is not a setting or a nice-to-have. It is the foundation everything else is built on.
Every byte — databases, backups, file storage — lives in ISO 27001-certified data centres inside Switzerland. Nothing is replicated abroad.
Guest data never leaves the country. There is no US sub-processor, no EU fallback region, no “data at rest in Frankfurt”.
CampOne GmbH is domiciled in Zürich and operates entirely under Swiss jurisdiction, including the revised Federal Act on Data Protection.
Compliance is not a document we produced once. It is baked into how the product collects, stores and deletes data.
We collect only what a booking and a legal HESTA record require. Optional fields stay optional.
Guests see why each field is asked for. Marketing consent is separate, explicit and revocable.
Records are retained for the legally required period, then deleted automatically. Guests can request erasure at any time.
Every access to guest data is logged with user, timestamp and action — a complete, tamper-evident trail.
Guest records are captured once, at check-in, in exactly the shape the Federal Statistical Office and your canton require. HESTA figures and tourist-tax settlements are generated from the same authoritative record — so what you file always matches what you took.
Because every record carries its own audit trail, a cantonal or municipal audit becomes an export, not a fire drill.
All traffic runs over TLS 1.3. HSTS is enforced; there is no unencrypted path to your data.
Databases and backups are encrypted at rest with AES-256. Backup media is encrypted independently of the live store.
Staff see only what their role needs. Reception, finance and owner permissions are separate, and every account is individually revocable.
Automated daily backups with point-in-time recovery, tested restores, and 30-day retention — all inside Switzerland.
Invoices are issued as compliant Swiss QR-Bills. Payment references reconcile back to the booking automatically.
TWINT, Visa, Mastercard, PostFinance and LSV are supported through a licensed Swiss payment provider.
Card data is tokenised and handled by a PCI DSS Level 1 provider. Raw card numbers never touch CampOne servers.
Uptime measured as a rolling 90-day average across all production components.