Contact Us Login
Event Attendance Logo
Book a Demo
Registration

Kickstart your delegates' journey off with a bang and provide a seamless experience to register their attendance.

Onsite Engagement

Elevate participation with digital interactivity such as check-in points, agenda booths, scavenger hunts, badge collection and more.

Virtual Events

Stream your event around the globe to thousands of people without breaking a sweet and connect your participants effortlessly.

Onsite Check-In

Choose from managed or unmanaged solutions and embrace cutting-edge technology, including QR codes or facial recognition.

Joining Instructions

Enhance your delegates communication with automated joining instructions, including directions, parking, and more.

Digital Table Plans

Enhance inclusivity and support sustainable practices in event management with our innovative Virtual Table Plans feature.

Bespoke Features

Discover our bespoke features and how we can tailor our solutions to meet your unique event requirements.

Integrations

Bring all of your tools together and create a seamless experience for your attendees and team.

Security

Protecting you and your data is our number one priority.

Extendable

Build your own features on top of our platform to extend it's capabilities for your needs.

Self Host

Take full control, install our software on your own infrastructure.

Partnerships

Discover our bespoke features and how we can tailor our solutions to meet your unique event requirements.

Read More

Discover our bespoke features and how we can tailor our solutions to meet your unique event requirements.

Pricing

SECURITY

Built with security at its core

Security isn't just a feature; it's at the heart of everything we do. Your use of Event Attendance is confidently backed up by our commitment to safeguard your data.

Compliance

California Consumer Privacy Act Logo
Cyber Essentials
GDPR Logo
HIPAA Logo

Our commitment to security

Your data must remain safe, and our job to protect it never stops. We adopt a limitless approach and will continue to implement and update to the latest standards ensuring that you and your information are shielded from evolving threats.

Our company already implements ISM controls to meet ISO 27001 and SOC 2 type 2 regulations and we are actively working on obtaining accreditation.

For our cloud hosting, we use AWS. Learn more here

Contents
Scope
Scope
Duality Studio LTD operate Event Attendance, including *.eventattendance.co.uk as well as any custom domains that may point to our infrastructure.
On-Premise/Self-Host
Event Attendance provides software to customers that wish to self-host and we take all precautions possible to ensure that software is as secure as possibly. After obtaining the software, it can be verified against a checksum.

We offer advice on the best practices with regards to setting up a secure and robust hosting environment, however we cannot be held responsible for its overall security.
Physical Security
Hosting Facility
Amazon's data centers have been accredited for ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate Sarbanes-Oxley (SOX) and more
Onsite Security
Onsite security for AWS involves comprehensive measures to safeguard physical infrastructure hosting Amazon Web Services (AWS) resources. This includes data centers, networking equipment, and servers. AWS employs stringent protocols such as biometric authentication, 24/7 surveillance, and restricted access controls to ensure only authorised personnel can enter these facilities. Additionally, security personnel, along with advanced monitoring systems, continuously monitor for any suspicious activities.
Ongoing Monitoring
The AWS Security Operations Center performs regular threat and vulnerability reviews of data centers. Ongoing assessment and mitigation of potential vulnerabilities is performed through data center risk assessment activities. AWS backup their own risk management with third-party testing to ensure AWS have appropriately implemented security measures aligned to established rules needed to obtain security certifications.
Locations
Event Attendance is primarily deployed in the UK region, however accommodations can be made to deploy to any of the AWS capable regions.
Network Security
Around the clock alerts
All of our systems are monitored 24/7 to ensure that alerts and risks are mitigated as a matter of priority.
Firewalls
All services essential for the operation of Event Attendance are protected with enterprise-grade firewalls to ensure all traffic is filtered. Our databases are hosted on Amazon's RDS services, with access restricted solely to the local network.
DDoS Mitigation
Our platform implements audit-logs which are continuously monitored for anomalies, complimented with automatic spike alarms. AWS Shield is used to protect our services and mitigate any DDoS style attacks against our systems and infrastructure.
Access Control
Access control is strictly managed, employing the principle of least privilege to ensure that users only have access to the resources necessary for their roles.
Multi-Factor Auth
Where possible, our security policies enforces multi-factor authentication to add additional layers of security.
Vulnerability Scanning
Our security partners, RedMaple Tech, actively monitor our systems and provide proactive remediation steps with their tool FractalScan Surface.
Development
Billing
Event Attendance does not store any credit card data nor does any data touch our infrastructure. Our billing is handled by a third party service called Stripe who are fully PCI compliant.
Quality Assurance
We adopt a cautious approach to testing. Our testing regimen includes integration with unit tests, peer-to-peer reviews, end-to-end tests, as well as smoke tests. Any features raising concerns are promptly removed from the release. Notwithstanding this, it is technically impossible to guarantee a fault-free service. In the event of reported issues, hotfixes will be swiftly implemented outside of the normal release schedule.
Separate/Different Environments
We maintain distinct environments for both staging and testing purposes, with each environment logically and physically segregated from our live-production environment. This separation ensures that any changes or updates can undergo thorough testing in isolated environments before deployment to production. Importantly, no customer data is utilised in these testing or development environments, minimizing the risk of data exposure or compromise.
Penetration Testing
Regular internal penetration testing is conducted quarterly. Additionally, a bi-annual penetration test is conducted through our security partner.
Mitigating Common Attacks (XSS, CSRF, SQLi)
Our application is built to OWASP standards to mitigate common application vulnerabilities. Additionally, we utilise AWS WAF to protect against suspicious activity.
Updates under the hood
We monitor the services that we rely on, whether internal or external, and ensure that they are actively kept up to date.
Encryption
Data at Rest
All data is stored encrypted with AES-256 encryption algorithm.
Data in Transit
Any access to our system, including transmission of data, is encrypted inline with industry best practices.
Software
Single Sign On
SSO Via Office 365 or Google Workplace is available by contacting support: support@eventattendance.co.uk
2FA
2FA is available using an authenticator app such as Authy or Google Authenticator. Forcing 2FA across your team can be enabled by contacting support: support@eventattendance.co.uk
Password Policy
Our system implements password policies that require a minimum 10 characters, mixed case letters and numbers.
Audit Logs
Audit logging is in place and can be provided for review on request. Audit logs include action, performer and timestamp.
Availability
Uptime
Event Attendance has maintained an average uptime of 99.9% during the last 24 months.
Redundancy
Event Attendance is hosted using AWS Lambda which scales on demand. In the extreme situation there is an issue with the AWS zone, Event Attendance can be switched to a different zone to enable normal operations to continue.
Data retention
Event finished
The event can be archived or deleted after use. Data is initially soft deleted for 35 days before being permanently deleting. Soft deleted data can be recovered up to 5 days before permanent deletion by contacting support. Automatic controls are available in app to delete the data after the event is finished.
Closing Account
Your account will be soft deleted for 35 days before being permanently deleting. Your account can be recovered up to 5 days before permanent deletion by contacting support.
Data Backups
Database Backups
Amazon RDS provides a robust service including the ability to provide point in time backups. Our backup period last 14 days and is available across all of our provisioned zones. Additionally, daily snapshots are recorded and stored encrypted with our backup provider.
Other Backups
Our system uses AWS S3 for storage of any other data which is highly durable and implemented with cross-region replication for redundancy.
Recovery
We test our recovery procedures on an annual basis to ensure that our processes work should we ever need them.
Data Isolation
Data Isolation
Each Event Attendance customer is setup with their own database, database user and privileges during the provisioning process when their account is created.
Business Security
Our Business
Event Attendance is owned and operated by Duality Studio LTD. We are a limited company registered in England and Wales under company number 10718526. Our registered address is 10 Icknield Drive, Northampton, England, NN4 9YS.
Data Protection Officer
Our Data Protection Officer can be contacted by email at hello@dualitystudio.co.uk, or by post at 10 Icknield Drive, Northampton, England, NN4 9YS.
Organisational Security
Further information about our internal security, policies, practices and business continuity can be discussed by contacting support.
Helpful Links
Event Attendance Terms
View
Event Attendance Privacy Policy
View
Event Attendance Cookie Policy
View
AWS Compliance
View
FractalScan Attack Surface Monitoring
View

If you have any further questions, please get in touch.

Contact Us
We value your privacy

We use cookies to help give you the best browsing experience. By clicking “Accept”, you agree to the use of all cookies as outlined in our Cookies Policy.