Guides
Free SignupLogin to DashboardCustomer Support

Security Overview

LiteAPI is designed with security, privacy, and regulatory compliance as foundational principles. We understand that our customers operate in regulated environments and rely on LiteAPI to process sensitive business and booking-related data in a secure and compliant manner.

This section provides an overview of LiteAPI’s approach to information security, data protection, and operational resilience, and addresses the most common questions raised during security reviews, vendor assessments, and procurement processes.

Our Security Approach

LiteAPI follows industry best practices to protect data throughout its lifecycle, including:

  • Secure-by-design architecture
  • Strong encryption standards
  • Strict access controls
  • Continuous monitoring and incident response processes
  • Regular review of infrastructure, dependencies, and operational controls

Security is treated as a shared responsibility between LiteAPI and its customers. While LiteAPI is responsible for securing the platform and underlying infrastructure, customers are responsible for the secure use of the APIs, proper handling of credentials, and compliance with their own regulatory obligations.

Scope of This Documentation

The pages in this section describe how LiteAPI handles:

  • Data protection and privacy
  • Regulatory compliance (including GDPR and PCI DSS scope)
  • Encryption and key management
  • Authentication and access control
  • Infrastructure and hosting security
  • Logging, monitoring, and incident response
  • Vulnerability management
  • Data residency and international transfers
  • Business continuity and disaster recovery

This documentation is intended to support security questionnaires, internal risk assessments, and compliance reviews. It provides transparency into LiteAPI’s security posture without exposing sensitive operational details.

Data Responsibility Model

Depending on the context, LiteAPI may act as a data processor or service provider for customer data. Customers remain responsible for determining the lawful basis for processing personal data and for ensuring that their use of LiteAPI complies with applicable data protection laws.

LiteAPI does not sell customer data and processes data solely to provide and operate its services.

Continuous Improvement

Security and compliance are ongoing efforts. LiteAPI continuously evaluates its systems, processes, and third-party dependencies to adapt to evolving threats, regulatory changes, and industry standards.

Updates to this documentation may occur as controls evolve or new compliance requirements emerge.

Questions and Requests

For security-related questions not covered in this documentation, including requests for compliance documentation or data protection agreements, customers can contact Nuitee through the usual support or account channels.

Updated about 21 hours ago

What’s Next