Technology & security. Under the hood of Printerless

Q: Where is the data hosted? In Switzerland?

Infrastructure on Kubernetes at Hetzner in the EU. Compliant with the Swiss nDSG and the GDPR. We currently don’t offer dedicated hosting in Switzerland.

Q: What happens to our data if we cancel?

All data is accessible via REST API as JSON, Excel, or PDF.

Q: What happens in case of an outage or data loss?

PostgreSQL with point-in-time recovery, twice-daily backups to separate storage pools, monitoring via Sentry. All files (receipts, attachments, logos) are stored in S3 buckets and are also backed up twice daily.

Q: Is DigitalMembers open source?

The platform is proprietary, but the REST APIs are openly documented via OpenAPI. Every company builds its own integrations without asking us, at no extra cost.

Microservice architecture, Keycloak auth, HashiCorp Vault, 600+ public REST APIs. For SMEs that expect infrastructure transparency.

Try for free

Open APIs

600+ OpenAPI endpoints, Swagger UI, automatic SDKs for Python, TypeScript and Swift.

Modern microservice architecture

Microservices on Kubernetes, Kafka for events, PostgreSQL per module. The same architecture as SaaS products with millions of users.

Used daily by us

Truecode accounting runs entirely on Printerless. Every invoice, every bank statement and every salary payment for our team goes through our own system. We spot bugs first, and features come from real workflows.

What's under the hood?

Tech-savvy SME decision-makers ask technical questions before introducing a platform: Where is business data stored? What backups exist? How is authentication handled? Can you get out again without lock-in? Most providers answer with marketing fluff; we answer with a page that describes it specifically.

Printerless runs as a microservice architecture on Kubernetes in EU data centres at Hetzner. Authentication via Keycloak with optional SSO, secrets in HashiCorp Vault, twice-daily backups, monitoring via Sentry. All data can be exported via 600+ documented REST endpoints, including webhooks for event-based integrations. Swiss DPA and GDPR compliant — with no backdoor.

600+ REST APIs with Swagger & automatic SDKs

Over 600 REST endpoints following the OpenAPI standard, searchable via Swagger UI, with generated SDKs for Python, TypeScript, and Swift. Custom integrations take hours, not weeks.

Webhooks, live tracking for Drive, Calendar, email and letters

Drive, Google Calendar, SendGrid and Printerless report changes within seconds: opened emails, clicks, delivered letters. Webhooks are signed, missed events are delivered afterwards.

Keycloak, central login & authorisation server

Keycloak for login, SSO and roles. Standards: OAuth 2.0, OIDC, PKCE, Magic Login, SAML. Two-factor login via TOTP app (Google Authenticator, Authy), FIDO2/WebAuthn security keys and passkeys. Roles are strictly separated per company.

Event streaming with Apache Kafka

Around 15 independent microservices, each with its own database, its own API, its own release cadence. If one fails, the others keep running. Async via Apache Kafka, sync via REST. Each microservice doesn’t run as a single process, but as a group of specialised deployments: one for HTTP requests from the browser (ASGI), others for processing individual event streams from Kafka. In total, hundreds of small processes run in parallel, each independently scalable. Around 80 percent of workloads run event-based in the background, keeping the user interface responsive even during peak loads.

HashiCorp Vault, encrypted secrets

API tokens, SMTP credentials and OAuth secrets are stored encrypted in HashiCorp Vault on a hardened server, not in the app databases. Encryption in transit and at rest included.

Hosting in the EU, GDPR & nDSG compatible

Kubernetes cluster in Hetzner data centres in the EU, with point-in-time recovery on PostgreSQL and twice-daily backups. GDPR- and nDSG-compliant.

Audit log. Traceable down to the minute when it matters

Every security-relevant action (login, access, export, deletion) logged with who, when, what, IP, and result. For trustees, data protection disclosures, and suspicious logins.

Tests, monitoring & annual security review

Unit and integration tests per service against real databases, CI with linting, type checking and security scans. Production is monitored via Sentry. Plus an annual external security review of the entire platform.

Error tracking with Sentry, in the EU

Error logs and performance data run via Sentry, hosted in the EU. This way, we detect production issues within minutes.

Privacy-friendly analytics with Matomo

No Google Analytics, no Facebook Pixel, no third-party tracking cookies. Usage metrics run exclusively via our self-hosted Matomo instance on EU infrastructure, anonymised and used only for internal product improvement.

Retention policy, logs, and delivery data

Audit log details are aggregated into daily statistics after 3 months; individual entries are deleted. Shipping data (email tracking, letter logs, SMS status) follows the data retention policy—two years by default, configurable per company. Less data storage, less risk, clear DPA and GDPR compliance. Details in our Privacy Policy and the Terms and Conditions.

Our technology stack

Python, Vue, PostgreSQL, Redis, Keycloak, HashiCorp Vault, Nginx, MinIO (S3), Kubernetes, and self-hosted GitLab. Proven building blocks with a large community that we deliberately use instead of reinventing the wheel.

Frequently Asked Questions

Where is the data hosted? In Switzerland?▾

What happens to our data if we cancel?▾

What happens in case of an outage or data loss?▾

Is DigitalMembers open source?▾

Clean tech makes everyday work easier

Try it free for 14 days. All modules included. No credit card required.

Try for free

← Back to all modules