Last updated July 2026
Booktall is trusted to run reservations and process payments for live businesses. We treat security as a core requirement of the platform, not an afterthought. This page summarizes how we protect payments, data, and availability.
All card payments are processed by Stripe, a PCI Service Provider Level 1 provider. Card details are tokenized in the customer's browser and sent directly to Stripe — sensitive card data never touches Booktall's servers, keeping the platform within PCI DSS SAQ-A scope. Payments support 3-D Secure strong customer authentication, and funds settle directly to each operator's own connected merchant account.
Every business on Booktall runs in its own isolated database. One operator's reservations, customers, and financials are never commingled with another's. Data is encrypted in transit (TLS) and at rest, and access is scoped by role.
Booktall runs on globally distributed edge infrastructure with no single point of failure, plus a dedicated real-time capacity layer that prevents overselling even under concurrent bookings. Automated bot protection and rate limiting guard public booking endpoints.
Your data belongs to you. You can export your full booking history, customer records, and reporting at any time, and there is no contractual lock-in preventing you from leaving with your data intact.
If you believe you've found a security issue, please contact us at hello@booktall.net. We take reports seriously and will respond promptly.