Technology & security of our club management software
Microservices, Keycloak auth and over 600 open REST APIs. Built modularly, transparently documented and designed against lock-in from the very first line of code.
Recommended by
Tesla Owners Switzerland
TSV Rohrdorf
Altpfadi Adler Aarau
Kunst- und Geräteturnen Kleindöttingen
Radfahrerverein der Stadt Winterthur
Turnverein Eien-Kleindöttingen
Schwingerclub RothenburgTesla Owners SwitzerlandTSV RohrdorfAltpfadi Adler AarauKunst- und Geräteturnen KleindöttingenRadfahrerverein der Stadt WinterthurTurnverein Eien-KleindöttingenSchwingerclub RothenburgAnswers to the typical tech questions
Tech-savvy club members ask technical questions before recommending a platform: Where is the data stored? What backups are available? Can you get your data out again without lock-in?
DigitalMembers runs on a highly available Kubernetes cluster at Hetzner in Germany, with all data stored encrypted. Login via Keycloak, regular backups, all data exportable via 600+ REST endpoints.
600+ REST APIs with Swagger & automatic SDKs
Over 600 REST endpoints following the OpenAPI 3 standard, searchable via Swagger UI, with generated SDKs for Python, TypeScript, and Swift. Custom integrations are ready in hours, not weeks.
Keycloak, central login & authorisation server
Keycloak for login and roles, based on open standards such as OAuth 2.0 and OpenID Connect. Two-factor login with passkeys, security keys or an authenticator app. Roles are strictly separated per club.
Event streaming with Apache Kafka
Around 15 independent microservices, each with its own database and its own interface. If one fails, the others keep running. The services communicate via Apache Kafka: around 80 percent of the work runs in the background, so the interface stays fast even during peak loads.
Highly available Kubernetes cluster
Cluster control runs with triple redundancy: if one server fails, the others take over automatically. The servers are not directly accessible from the internet and install security updates automatically.
All data stored encrypted
All data carriers in the cluster are fully encrypted, with the keys stored separately from the servers. Backups only leave the data center encrypted and are stored with a second, independent cloud provider.
Hosting in Germany, GDPR and Swiss FADP compatible
Kubernetes cluster in Hetzner data centers in Germany. Point-in-time recovery on PostgreSQL, regular backups, compliant with the GDPR and the Swiss FADP.
Audit log. Traceable down to the minute when it matters
Every security-relevant action (login, access, export, deletion) is logged: who, when, what. After three months, the entries are deleted automatically.
Tests, monitoring & annual security review
Automated tests for every service, plus an annual external security review of the entire platform. We detect production errors within minutes via Sentry (hosted in the EU).
Privacy-friendly analytics with Matomo
No third-party tracking cookies: usage statistics are anonymised through our own Matomo instance in Germany.
Retention policy, logs, and delivery data
Log and sending data is only kept for a limited time: audit entries for three months, sending data by default for two years, configurable per club. Details in our privacy policy.
Used daily by us
We use our own platform every day in the team: for accounting, expenses and payroll as well as for project boards and documentation. Features come from real workflows.
Our technology stack
Python, Vue, PostgreSQL, Redis, Keycloak, HashiCorp Vault, Nginx, MinIO (S3), Kubernetes and self-hosted GitLab. Proven building blocks with a large community.
Frequently Asked Questions
Software you understand and trust
Transparency instead of magic. Every endpoint, every database, every encryption method is documented.
Try for free