Rideum

trust center

Built on Trust.

Enterprise trust, engineered into every layer. Rideum delivers an AI-powered hospitality platform that is secure, scalable, and intelligent.

Developed by Develab, Rideum is covered under an ISO/IEC 27001:2022 certified Information Security Management System. We protect the confidentiality, integrity, and availability of your reservations, guest data, operations, and revenue workflows — across every property, every transaction, every interaction.

Certified Products & Scope

Our certification encompasses the full Rideum platform — an AI-powered solution for hotels, restaurants, and hospitality groups covering reservations, guest data, operations, and revenue workflows.

Bleustay

Bleustay

Hotel management & channel synchronization

Bleudine

Bleudine

Restaurant operations & inventory

Bleudash

Bleudash

Workforce & task allocation

Multi-tenant SaaS with regional residency. Payments are handled exclusively through PCI-compliant providers.

Compliance & Certifications

ISO/IEC 27001:2022

  • Certified ISMS implementing risk-based controls to protect confidentiality, integrity, and availability.
  • Coverage includes the Rideum platform and supporting systems, assets, and operational processes.
  • Annual surveillance audits to maintain certification.
ISO/IEC 27001:2022 — Certified by TÜV

Applicable Regulations

  • GDPR

    EU data protection compliance

  • PDPA

    Singapore & Malaysia personal data laws

  • PDP Indonesia

    UU No. 27/2022

  • APPI

    Japan personal information protection

Security Practices

Controls across nine domains, embedded into every layer of the platform.

Organisational

Documented policies, defined roles and responsibilities, risk management, and incident response.

People

Background screening, signed confidentiality agreements, and security awareness training.

Physical

Secure offices with access control and clean desk policy.

Identity & Access

SSO with MFA and privileged access provisioning. Quarterly access reviews.

Encryption

TLS in transit, AES-256 at rest, customer-managed key options for Enterprise tier.

Development

Secure SDLC with static analysis and OWASP testing of all applications.

Monitoring

Centralised logging, SIEM-based alerting, vulnerability scanning, intrusion detection.

Incident Response

Defined SLAs, on-call rotation, runbooks, and customer notification within 24 hours.

Business Continuity

Daily backups, geo-replication for critical data, tested recovery procedures.

Data & Privacy

Customer ownership

Customers retain full ownership of their data, source code, and artifacts. Your data is used only to deliver, secure, and support the contracted service — no secondary use without explicit consent.

Data residency

Default residency in Singapore and APAC cloud regions. Enterprise arrangements available for specific regional requirements.

Data subject rights

Processes support access, correction, deletion, and portability requests under GDPR, APPI, and PDPA.

Retention & deletion

Defined retention periods per service tier. Secure deletion within contractually agreed timelines.

Operational Transparency

Status & uptime

Public-facing Rideum compliance dashboard provides real-time system status.

Change management

Formal change control for all software releases — peer review, staging tests, documented audit log.

Vulnerability management

Vendor security bulletins, dependency scanning, and automated detection frameworks.

Contact the Trust Team

For security questionnaires, due diligence, certificates, or audit support — reach out and we will respond within two business days.

[email protected]

  • Singapore

    10 Anson Rd, International Plaza, Singapore 079903

  • Malaysia

    Unit 02, Level 25, Tower A, The MET Corporate Towers, 20 Jalan Dutamas 2, 50480 Kuala Lumpur

  • Indonesia

    Delrey Business Townhouse D5 No. 2, Lengkong Kulon, Pagedangan, Kab. Tangerang, 15331