TwikPMS Platform Documentation

Performance, availability, and security are the pillars of TwikPMS. We utilize modern engineering practices to ensure that your property's digital core is resilient, fast, and compliant.

1. Philosophy

TwikPMS is built as a Cloud-hosted, Multi-tenant, and SaaS-first platform.

• Cloud-Native Hosting — We leverage the power of Google Cloud to provide a stable environment that avoids the pitfalls of on-premise hardware.
• Multi-tenant Architecture — Our clients operate on a shared, highly optimized infrastructure. This ensures that every property—regardless of size—benefits from the same security updates, feature releases, and performance optimizations simultaneously.
• Modern SaaS Logic — As a SaaS provider, TwikPMS removes the burden of IT maintenance from the hotelier. We handle the server management, security patching, and core updates so you can focus on guest experience.

2. Infrastructure

Our platform is powered by Google Cloud Platform, utilizing enterprise-grade infrastructure to deliver consistent uptime.

• Compute — We utilize Google Compute Engine instances optimized for high-performance execution. This allows for rapid processing of complex reservation data and reporting.
• Regional Data Residency — All primary processing and data storage occur within Google Cloud's European regions (e.g., Netherlands/Belgium). This ensures that guest data remains within the EU, facilitating strict GDPR compliance.
• Scalability — Our cloud infrastructure allows us to dynamically scale resources to meet the demands of growing hotel groups without migration downtime.

3. Tech Stack

We utilize a modern application framework known for its clean code philosophy and robust security features to power the TwikPMS core.

• Backend — A secure, structured, and high-speed engine for handling business logic, financial calculations, and API integrations.
• Database — High-performance relational databases managed with strict indexing and query optimization for instant data retrieval.
• Frontend — A responsive, modern web interface designed for speed across desktops, tablets, and mobile devices.

4. Environments

To ensure the highest level of stability, TwikPMS maintains isolated environments:

• Production Environment — The live, high-availability environment where all property operations occur.
• Sandbox Environment — A dedicated Sandbox (test) environment is available upon request. This allows you to train new staff, test integrations, and experiment with settings in a risk-free mirror of your property without affecting live bookings or financial records.

5. Disaster Recovery & Backups

Our "Fail-Safe" protocol ensures that your data is protected against accidental loss or system failure.

• 7-Day Retention — We perform automated daily backups of the entire system. We maintain a rolling 7-day backup history, allowing us to restore the platform to a previous state in the event of a critical data incident.
• Data Integrity — Backups are stored in geographically separate zones within Google Cloud to ensure availability even in the case of a regional data center outage.

6. Security

Security is integrated into every layer of the TwikPMS stack, following the "Security by Design" principle.

• Encryption — All data in transit is protected via TLS 1.2/1.3 encryption. Data at rest is encrypted using AES-256 standards.
• Framework Security — Our application framework provides built-in protections against common web vulnerabilities, including SQL injection, Cross-Site Request Forgery (CSRF), and Cross-Site Scripting (XSS).
• Access Control — We support secure authentication protocols and encourage the use of strong password policies and multi-factor authentication for administrative users.

7. Data Privacy

TwikPMS acts as a Data Processor under GDPR. The Hotel (our Partner) acts as the Data Controller.

• Data Segregation — While the infrastructure is shared (multi-tenant), guest and financial data are logically segregated at the database level, ensuring no data leakage between different properties or hotel groups.
• Transparency — We maintain a clear list of sub-processors (such as Google Cloud and payment providers) and ensure each meets our high standards for data privacy.

8. Certifications & Compliance

• PCI-DSS Compliance — TwikPMS is designed to be PCI-compliant. By integrating with Tier-1 payment gateways (like Stripe), we ensure that sensitive cardholder data never touches our servers directly. This "Scope Reduction" ensures the highest level of payment security for your guests.
• GDPR — Our platform is architected to support "The Right to be Forgotten" and "Data Portability," allowing hoteliers to fulfill their legal obligations to guests easily.

This page was last updated: 21 December 2025