Picopoint Solutions are secure, stable and built to last

The Picopoint Solutions are seamlessly integrated in B2B solutions of our partners which include major international ISPs and retail chains.


Mission Critical Services
For mission critical services and data storage, Picopoint uses a server infrastructure
hosted on a dedicated, privately owned server cluster in a secure Tier IV certified

The infrastructure is set up multi-layered, each layer running on their own separate
network segment and each layer is separated by dedicated firewalls.

  • All ingress WEB and REST traffic is isolated in a separate DMZ with very limited
    access to the rest of the infrastructure.
  • All RADIUS and backchannel services are also isolated in their own tier with very
    limited access to the rest of the infrastructure.

To allow for 24/7 service, we employ

  • Separate server clusters for both web, Radius and administrative services
  • Highly redundant servers with multiple points of failure protection.
  • Robust NAS solutions with full redundancy
  • Constant monitoring and failure detection and 24/7 direct response procedures

Non Mission Critical Services
Non-mission critical services use a cloud based microservices architecture.

  • All communication between these services and main server infrastructure is
    through our own dedicated  APIs using accounts with access limited to only
    that task.
  • All services are protected by their own firewalls.


Service features

Data storage and encryption

User sensitive data is only stored in our server infrastructure at our Tier IV certified
datacenter. All user/session data is only stored in its own firewall protected data layer.
All confidential data is fully encrypted.

Picopoint LBS services are not storing any session or probe data locally. All data is only
processed in memory and only the resulting anonymized aggregated statistics are stored
in our datacenter location.

General Industry Standards Compliance

Our services are integrated in B2B solutions of our partners including major international
ISPs and retail chains. Generally, compliance is managed through those

To certify we as Picopoint can guarantee those organizations can comply:

  • We have certified our level of security and compliance through SLAs.
  • The complying parties regularly audit and perform security scans on our infrastructure
    and services.

PCI Compliant
There is no credit card or payment information processed or stored in any non-compliant
way. We offer many integration paths (vouchers, APIs, custom authentication channels)
which would still isolate all payment processing from the guest WiFi authentication.

There is no payment information/processing using the same network infrastructure as used
for other services (e.g. guest WiFi access). All communication/network traffic necessary for
Guest Access, will be fully isolated on transport level or through end to end encryption, using
both VPN tunnels and dedicated HTTPS sessions.

GDPR Compliant
Picopoint is fully GDPR (EU privacy law) and AVG (Dutch privacy law) compliant, which
combined have one of the highest level of requirements, concerning privacy and user data

This is done through (but not limited to):

  • Requiring potential WiFi users to accept both privacy statements and Terms of Services
    before allowing access. These will be vetted by us and can be customized to comply with
    any further requirements of the customer and local law.
  • Allowing end users to both request their data usage and request removal of all personal data
    from our system. Both through our own services, support staff, or through integration with
    the customers’ infrastructure using our REST APIs.



Picopoint Solutions

Helium 12a
Oud Gastel
The Netherlands

t: +31 (0)165 747 200

Picopoint Solutions

© 2022 Picopoint Solutions