Data security and privacy are critical concerns when implementing guest WiFi systems that collect customer information. Spotipo's infrastructure is designed with data sovereignty, GDPR compliance, and user ownership as core principles—storing all guest data within the European Economic Area on Google Cloud Platform's Belgium region servers.
This guide explains Spotipo's data residency, storage philosophy, retention policies, and security standards. Understanding where your guest WiFi data lives and how it's protected is essential for regulatory compliance and building customer trust.
What you'll learn:
Where Spotipo stores guest WiFi data (server location and infrastructure)
Spotipo's data custodianship model (storage vs. processing)
How long data is retained and when it's deleted
Security measures protecting your guest information
Key principles:
GDPR compliant: All data stored within the European Economic Area
User ownership: You retain full control and ownership of your data
No data monetization: Spotipo doesn't analyze or sell your guest data
Persistent storage: Data survives subscription gaps until you explicitly delete it
Important: Spotipo acts as a data custodian, not a data processor, we store your information securely but never use it for our own purposes, analytics, or third-party sales.
Data Residency & Retention Policy
At Spotipo, we believe your data belongs to you. To provide a seamless captive portal experience, we utilize a robust infrastructure centered on security and transparency.
Server Location
Our primary database and application servers are hosted on Google Cloud Platform (GCP) within the Belgium (europe-west1) region. This ensures your data stays within the European Economic Area (EEA), providing strict alignment with GDPR standards and high-speed connectivity for your end-users.
Our Data Philosophy: Storage, Not Processing
A common question we receive is how we use the data collected through your portal. Our stance is simple: Spotipo does not process, analyze, or monetize your data for our own purposes.
Data Custodianship: We act strictly as a storage provider. We provide the "digital vault" where your logs and user info reside, but we do not use this data to build profiles or sell insights.
User Ownership: You retain full ownership and control. We facilitate the secure hosting; we do not "peek" at your records.
Data Retention & Subscription Gaps
We understand that business needs change. To protect your historical records, our data retention is tied to your Site Profile, not your billing status:
Persistent Storage: Your data remains securely stored even if your subscription expires or is temporarily paused. This ensures that if you choose to reactivate your service later, your historical logs and configurations are exactly where you left them.
Deletion Policy: Data is only purged from our Belgian servers if/when you explicitly delete the site from your dashboard. Once a site is deleted, all associated data is permanently removed in accordance with our security protocols.
Security Standards
Encryption at Rest: All data is encrypted by default on GCP disks.
Encryption in Transit: Data moving between your hardware and our servers is protected via secure protocols.
No Third-Party Sharing: Since we don't process data for ourselves, we have no reason to share or sell it to outside parties.
Your Data Remains Secure and Under Your Control
Spotipo's infrastructure is designed to keep your guest WiFi data secure, GDPR-compliant, and fully under your ownership. With servers in Belgium's Google Cloud Platform region, encrypted storage, and a strict no-processing policy, your customer information remains protected and private.
What this means for you:
GDPR compliance: EEA data residency meets European privacy regulations
Data portability: Export your data anytime via Spotipo dashboard
Business continuity: Data persists through subscription gaps
Complete control: Only you decide when data is permanently deleted
Data management actions:
Export data: Download guest information anytime from dashboard
Delete site: Permanently remove all associated data from servers
Pause subscription: Data remains stored until you're ready to resume
Compliance documentation: For detailed privacy policy, data processing agreements, or GDPR-specific documentation, visit our legal pages or contact our compliance team.
Questions about data storage or privacy? Contact Spotipo support via live chat or email us at [email protected] for detailed information about data handling, compliance, or security practices.