Security

Physical and Network Security

  • Smily is responsible for secure transmission of Cardholder Data on behalf of its customers in accordance to PCI DSS SAQ-D for Service Providers
  • Smily requires sensitive data to be encrypted using industry-standard methods when stored on disk or transmitted over public networks.
  • Smily uses standard, well-reviewed cryptographic protocols (such as SSL) when transferring data.
  • Smily requires that cryptographic keys are at least 128 bits long. Asymmetric keys must be at least 2048 bits long.
  • Smily’s administration website and non-public API are accessible via 256-bit, SSL certificates issued by DigiCert.
  • Smily regularly installs security updates and patches on its servers and equipment.
  • Security settings of applications and devices are tuned to ensure appropriate levels of protection.
  • Networks are strictly segregated according to security level. Modern, restrictive firewalls protect all connections between networks.

Web and Client Application Security

  • Card processing applications adhere to PCI Data Security Standard (PCI-DSS) Level 3.
  • Smily prohibits the storage of card numbers on clients devices
  • Applications developed in-house are subject to quality testing and security review.

Organizational Security

  • Smily requires sensitive data to be encrypted using industry-standard methods when stored on disk or transmitted over public networks.
  • Security systems and processes are tested on a regular basis by qualified internal and external teams.

Research and Disclosure

Smily recognizes the important contributions that our users and the security research community can make. We encourage responsible reporting of problems with our service. We also recognize that legitimate and well-intentioned researchers are sometimes blamed for the problems they disclose. In order to encourage responsible reporting practices, we promise not to bring legal action against researchers who point out a problem, provided they:

  • Share with us the full details of any problem found.
  • Do not disclose the issue to others until we’ve had reasonable time to address it.
  • Do not intentionally harm the experience or usefulness of the service to others.
  • Never attempt to view, modify or damage data belonging to others.
  • Do not seek compensation or reward for the report.

If you believe you have discovered a problem, please contact us at security@bookingsync.com.

BlogEngineering BlogJobsAbout UsYour Own PortalContact Us
Clf: Conciergeries Locatives de FranceAriseHealth logoSplm
SecurityTerms & ConditionsPrivacy PolicyCookies PolicyCookies CenterImprint

© Copyright 2025 Smily & BookingSync SAS

Cookies & Privacy

Cookies enable you to use shopping carts and to personalize your experience on our sites, tell us which parts of our websites people have visited, help us measure the effectiveness of web searches and give us insights into user behavior so we can improve our products. For more information, please see our Cookies Policy

Select cookies to accept

Cookies list
Privacy Policy
Essentials
Analytics
Name Domain Expiration Description
No cookies used in this category
_ga www.smily.com 2 years This cookie is a Google Analytics persistent cookie which is used to distinguish unique users
_gid www.smily.com 24 hours This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
_gat_UA-48818728-5 www.smily.com 1 minute This cookie is used to throttle request rate. These are third party cookies that are placed on your device to allow us to use the Google Analytics service. These cookies are used to collect information about how visitors use our website. We use this information to compile reports and to help us improve the website.
_fbp www.smily.com 3 months This cookie is set by Facebook as part of their embedded services on our websites (likes, sharing etc.).
_hjIncludedInPageviewSample www.smily.com 30 minutes This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's daily session limit.
_hjSessionUser_1256877 www.smily.com 1 year Set when a user first lands on a page. Ensures data from subsequent visits to the same site are attributed to the same user ID.
_hjSession_1256877 www.smily.com 30 minutes Holds current session data. Ensures subsequent requests in the session window are attributed to the same session.
_hjFirstSeen www.smily.com End of session Identifies a new user's first session. Used by Recording filters to identify new user sessions.
_hjAbsoluteSessionInProgress www.smily.com 30 minutes Used to detect the first pageview session of a user.