Tech Stack

Tech stack, standards and extensibility

Technologies, protocols and components Controliza uses to integrate, scale and operate securely in multi-location HORECA environments

Request Technical Session

Design principles

API-first

Every feature accessible via REST API documented with OpenAPI 3.0

Cloud-native

Multi-tenant, auto-scaling and EU data residency

Security by design

Encryption, RBAC, SSO and traceability built into the architecture

Extensible and decoupled

Webhooks, standard formats and connectors without proprietary dependencies

Tech Stack

Tech stack and standards in use

Technologies validated in production with real HORECA clients.

Integration and APIs

API-first architecture with OpenAPI 3.0 documentation and bidirectional webhooks.

REST API

Endpoints documented with OpenAPI 3.0

Bidirectional webhooks

Real-time events between systems

SFTP

Secure transfer for legacy integrations

Data and formats

Industry-standard formats with legacy system support.

JSON, CSV, XML

Import/export in standard formats

EDI

Electronic data interchange with suppliers

PDF, JPEG, PNG, HEIC

Input for document OCR

Authentication and access control

Federated SSO and granular control by role, location and module.

OAuth 2.0

Standard API authorization

SAML 2.0

Federated SSO with corporate IdP

Azure AD, Okta, Google Workspace

Supported corporate IdPs

Encryption and security

Encryption at rest and in transit with verified standards.

AES-256

Encryption at rest with automatic key rotation

TLS 1.3

In-transit encryption for all communications

Infrastructure and deployment

Cloud-native with EU data residency and horizontal scaling.

Cloud-native multi-tenant

Isolated tenants with segregated data

Horizontal auto-scaling

Scales from 10 to 1,000+ locations without migration

AWS eu-west-1

EU data residency

Machine Learning and inference

Proprietary models trained on real hospitality data.

Adaptive ML

Forecasting with daily retraining

Computer Vision

Visual detection for buffet and OCR

IoT and edge

Edge processing for minimal-latency operations.

Edge computing

Local processing without cloud dependency

MQTT

Lightweight protocol for IoT devices

Document processing

Delivery note and invoice digitization with automatic cross-validation.

OCR with Computer Vision

Optical recognition of delivery notes

Triple Match Engine

Order-delivery note-invoice validation

Compliance and regulation

Regulatory compliance for HORECA operations in Spain and the EU.

GDPR

Right to erasure, portability and DPO

HACCP

Batch and allergen traceability

Law 7/2022

Food waste documentation

What this means for your IT team

Less dependency

Integration over open protocols and standard formats, without dependency on closed systems

Known standards

REST, OAuth, SAML, JSON, webhooks — your team already works with these technologies

Scaling without redesign

Horizontal auto-scaling and multi-tenancy that grows with your operation without architecture redesign

Predictable evolution

Semantic API versioning, backward compatibility and automatic updates with zero downtime

Want to validate compatibility with your current stack? Let's talk about your case.

Request Stack Technical Review

Technical documentation and available standards

Technical resources to validate compatibility with your current stack.

APIs

Interactive OpenAPI 3.0 documentation

Webhooks

Events, payloads and configuration

Formats

JSON, CSV, XML, EDI and SFTP

Authentication

OAuth 2.0, SAML 2.0, RBAC

Integration requirements

Access, credentials and pilot scope

Frequently asked questions for IT

What technical standards does Controliza use?

REST API documented with OpenAPI 3.0, OAuth 2.0 authentication, SSO via SAML 2.0, AES-256 encryption at rest and TLS 1.3 in transit. Standard formats (JSON, CSV, XML, EDI) and bidirectional webhooks for real-time integration.

What external dependencies does Controliza have?

Controliza is a cloud-native SaaS on AWS (eu-west-1). No on-premise infrastructure or proprietary client libraries required. Integration is via REST API or SFTP — no agents or software installed on your systems.

How are API and connector versions managed?

The API follows semantic versioning with backward compatibility. Breaking changes are communicated 6 months in advance and previous versions are maintained in parallel during the transition.

Is the platform extensible?

Yes. API-first and decoupled architecture: you can consume data via API, receive events through webhooks and connect external systems without depending on custom development from Controliza.

What happens if I want to switch providers?

Full data export via API or CSV at any time. No vendor lock-in: data formats are standard and integration is built on open protocols.

How are technical responsibilities divided?

Controliza manages infrastructure, updates, ML models and technical support. Your IT team only needs to provide POS API access and validate integrations during the pilot. Less than 4 hours of IT effort in the initial phase.

Results measured in active Controliza clients.

Request a technical session

We review the stack, standards and technical fit of Controliza in your current architecture

This site is protected by Google reCAPTCHA. Privacy · Terms

Financiado por Kit Digital y fondos europeos