Skip to main content
Wiacom is designed to operate both as a self-contained data platform and as a connectivity and enforcement layer that feeds into your existing infrastructure. This section explains how the platform handles personal data, which external systems it can integrate with, and what responsibilities fall on each party depending on the chosen data-flow model. This content is primarily intended for technical, IT, and compliance stakeholders, including DPOs evaluating data residency and processing responsibilities.

In This Section

Data Models

Understand the two supported data-flow architectures — Wiacom as a secure data vault, or Wiacom as privacy-minimised middleware.

Messaging Services

Transactional email and SMS delivery — platform-provided or customer-supplied, and when each applies.

CRM & CDP Integrations

Push guest data into your CRM, CDP, PMS, or marketing platform through secure, approved integration channels.

External APIs & Webhooks

Connect external systems, automate workflows, and consume Wiacom data programmatically via REST API and webhook events.

Key Principles

Regardless of the integration model in use, the following principles apply across Wiacom deployments:
  • Personal data is not transmitted to WiFi vendors or controllers for standard access enforcement. Only technical identifiers, credentials, policy attributes, or pseudonymous values required for authentication and session control are exchanged with the wireless infrastructure.
  • All data exposed through the Wiacom API requires strong authentication, and access can be restricted by source IP.
  • Personal data is processed only where a valid lawful basis applies, such as consent, service delivery, security, compliance, or other applicable grounds depending on the deployment.
  • All platform communication uses HTTPS / TLS 1.2 or higher.
  • Wiacom deployments are built on reputable cloud infrastructure providers with independently audited security and compliance programs.
  • Hosting regions, infrastructure provider, and data residency requirements are confirmed at deployment time.

Hosting and Infrastructure Compliance

Wiacom is hosted on reputable cloud infrastructure providers, primarily Microsoft Azure and Google Cloud, depending on the deployment region, customer requirements, and technical architecture. Amazon Web Services may also be used for selected infrastructure components or customer-specific deployments where required. These cloud providers maintain extensive security, privacy, and compliance programs, including independent audits and certifications for widely recognised standards ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, SOC 1, SOC 2, SOC 3, CSA STAR, PCI DSS, and GDPR-aligned controls. Cloud-provider compliance does not replace Wiacom’s or the customer’s own compliance obligations, but it provides a strong infrastructure foundation for secure and compliant deployments. At deployment time, Wiacom confirms the applicable hosting region, infrastructure provider, data residency model, and any customer-specific requirements.
Infrastructure compliance documentation, including applicable cloud-provider certifications and audit reports, can be reviewed through the relevant Microsoft, Google, or Amazon trust and compliance portals where available.
The appropriate integration model for your organisation should be agreed with the Wiacom team before deployment, as it affects platform configuration, data processing agreements, and ongoing operational responsibilities.