Secure, highly available ticketing and reservation systems engineered for scale

Effimaris delivers privacy-first event platforms running on infrastructure-grade hardware sized to handle sustained high load and peak traffic without service interruption.

Our services

Nonprofit-focused
Proven performance for organizations of any size
Security and privacy prioritized

Our mission

Effimaris helps community organisations deliver events and programs with dignity, fairness, and accessibility. We design systems to meet strict security, privacy, and availability requirements so organisers can depend on the service during high-demand events.

We work with small teams on tight budgets to deliver resilient managed services that minimize operational overhead while maximizing uptime and data protection.

  • Security-first: Encryption in transit and at rest, hardened endpoints, least-privilege operations.
  • Privacy-preserving: Minimal data retention and strict access control.
  • High availability: Production sized for sustained performance with strong failover strategies.
  • Community over profit: Working with great communities and good software comes before working with big corporations.

Our Systems

Ticketing

Ticketing workflows, donor codes, concession management, and throughput guarantees during releases.

Pool Management

Dedicated at-a-glance allocations of tickets managed directly by leaders with access only to their own pools.

Processing

Integration with PCI-aware providers, with only need-to-know data sets shared between services.

Security & Compliance

Fully segmented networks with isolated production, staging, and general networks, backed by audit logging and an architecture aligned with regulatory controls.

Features that matter

We target measurable reliability, privacy guarantees, and operational visibility for events of any scale.

Security and privacy

  • End-to-end TLS, strict cipher suites, and HSTS.
  • Encryption at rest with key rotation and managed KMS.
  • Least-privilege access, MFA, and periodic access reviews.

Scalability and HA

  • Baseline resources deployed to meet peaks at all times.
  • Active-passive failover, full data replicas for recovery, and capacity testing before major events.

Operational outcomes

Examples of improvements from technical changes and capacity planning.

  • Significant reduction in line wait time through widely-available web-based gate scanners
  • Vastly increased team-lead visibility into booking their team members

On the path to PCI-DSS compliance

Design choices to support PCI controls and audits for payment environments.

  • Every segment is isolated, from payment processing to web technologies.
  • Segmented private networks, strict firewall policies, and a policy of "encrypt everything everywhere"
  • Encrypted storage (AES-256), MFA-protected admin

Meeting performance expectations

Infrastructure engineered for uptime

Our platform is designed and tuned to deliver consistent low-latency responses at scale. The architecture combines fully dedicated redundant hardware, fast scaling strategies, multi-site redundancy through DNS, and operational tooling so we reliably support large ticket releases and steady event traffic.
We validate performance with load tests and automated regression suites to ensure readiness for production events.

At-a-glance specifications

| Item | Specification or capability |
|---|---|
| Baseline node capacity | Infrastructure-grade dedicated hardware with reserved capacity and burst-enabled autoscaling; production sizing always specced to a minimum equivalent of c5.12xlarge (currently: 56 vCPU-class enterprise compute). |
| Peak throughput | Validated to handle up to 10,000 concurrent requests across the cluster under typical event workloads with headroom for autoscale. |
| Network links per node | All nodes on 10 Gbps connections to the fabric; upstream aggregation and load balancing provide scale beyond single-node capacity. |
| Storage & backups | Offsite incremental backups, daily snapshots, point-in-time recovery, encrypted at rest and in transit; tested restore procedures and periodic drills. |
| Failover | Multi-AZ active-passive failover, automated health checks, database replicas with automated promotion paths and documented runbooks. |
| DNS & routing | Redundant DNS providers, global load balancing with health routing and multi-provider BGP failover to avoid single points of failure. |

Network backbone and upstream providers

Tier 1 and Tier 2 providers with instantaneous failover and high-capacity peering ensure broad, resilient connectivity:

  • NTT: connected at 1 × 100 Gbps
  • Cogent: connected at 2 × 100 Gbps
  • Hurricane Electric: connected at 4 × 100 Gbps
  • TATA: connected at 1 × 100 Gbps
  • Ninja-IX peering exchange: connected at 1 × 100 Gbps

When AWS goes down, we don't.

Contracts and service locations are selected for maximum reliability, with the risk of network or infrastructure disruption minimized and clear failover plans in place.

Operational controls and tooling

  • Proactive monitoring and alerting: metrics, traces, SLOs, synthetic checks
  • Incident management with escalation runbooks and PagerDuty on-call rotations
  • Automated end-to-end tests and regression using Cypress.io with CI gating
  • Strict separation of environments: isolated staging and production branches, identical infra-as-code manifests
  • Performance tuning: caching layers, CDN edge caching, connection pooling, DB query profiling

Testing, validation, and commitments

CI pipelines run unit, integration, and nightly Cypress end-to-end suites. Regular load tests simulate realistic event traffic and feed into capacity planning. Test artifacts and metrics are retained for audit and tuning work.

  • Readiness: ability to handle 10k concurrent requests across the cluster for ticketing events
  • SLOs: response-time targets per API tier with defined error budgets
  • Event playbooks: reserved capacity and operational runbooks activated ahead of major ticket drops

Fee Schedule

Effimaris Platform Pricing · Effective January 2026

Platform fees shown below are platform margins applied on top of card or interchange costs. Card fees shown separately by provider vary with merchant agreements and card mix.

Our fee schedule

Fees that go down, not up, each year.

Year Platform fee Card fees Interchange
Launch 2.5% + $0.70 per ticket ~2.9% (typical card fees)
2026 Actual 1.9% + $0.50 ~2.0%–2.9% (varies by card)
Final Target 1.0% card fees 1.5%–1.9%

Competitive comparison

| Provider | Typical platform fee | Card fees / Per-ticket | Notes |
|---|---|---|---|
| Eventbrite Canada | 3.5% + $1.29 per ticket | 2.9% of total order | Plus subscription fees; varies by plan |
| Ticketmaster | ~3.5%–5.5% | ~2.9%; $1.00–$2.50 | Higher-end pricing on major events |
| 2026 Effimaris | 1.9% + $0.50 | ~2.9% + $0.30 | Current target |
| Final Goal | 1.0% | zero | 1.5%–1.9% interchange only |

Destination: the Lowest Price — Anywhere

Target 1% + interchange

Our target destination is 1% + interchange pricing, which aims to remove third-party processor markups so that final costs are lower than the current combined platform + card fees charged by any major provider.

Our goal is to get to an all-in price to run a nonprofit event that is lower than the card fees (2.9%+) charged on any platform, anywhere in Canada.

You can help us achieve this!
Getting here requires significant investment, domestication, compliance attestation, and qualifying for direct interchange pricing.
Learn more about how we plan to do this in our open budget project items below.

Coming Soon

Spring 2026 Release

New features focused on flexibility, privacy, and reducing friction for attendees and organizers.

Customizable refunding system

Flexible refund policies with configurable windows, partial refunds, and credit options tailored to each event's needs.

Preverified IDs

Support for attendees using names that differ from government ID, including deadname protection for trans and non-binary community members.

Secure ticket transfer

Safe peer-to-peer ticket transfers with audit trail, preventing scalping while allowing legitimate transfers between trusted parties.

Free automated e-transfer ticketing

Zero-fee payment option using Interac e-Transfer with automatic verification and instant ticket delivery.

Upcoming projects

Planned investments and compliance initiatives to strengthen reliability, reduce per-ticket costs, and increase local presence.

PCI-DSS / General Compliance program
Baseline estimate: CDN$8,000–15,000 (first year, external firm)
Compliance

Formalize controls for security, availability, and confidentiality, automate evidence collection, and undergo independent attestation to demonstrate control effectiveness.

Why we need this

Achieving benchmark compliance attestation helps us access materially cheaper card-processing rates through improved interchange pricing and better merchant terms. PCI-DSS CDE compliance requires retaining a third-party attestation firm and extensive internal work, making it impractical for most organizations, but once achieved, it helps us unlock the lowest price point.

How you can help

Connect us with a third-party firm experienced in SOC readiness and attestation, or introduce evidence-automation tooling vendors to scope readiness, perform gap assessments, and run the audit.

Canadian Server Migration project
Capital estimate: CDN$2,800–3,600 (procurement, shipping, & setup)
Data residency

Procure and colocate a small cluster of high-performance servers in a Canadian datacenter to support regional failover, reduce latency, and meet privacy expectations for alternate-culture events.

This is a weird world, and it's time to take putting Canadian data in Canadian hands more seriously.

This reduces the long term cost of sustained operations, strengthens privacy and security guarantees for culturally sensitive events, and reduces cross-border transfer concerns for partners and attendees.

How you can help

We welcome donations or referrals of decommissioned enterprise-grade servers (v4-era or newer preferred) with specs above 128 GB RAM, 56 vCPU, and 1U/2U datacenter chassis for refurbishment and colocation. We can also benefit from being referred to accredited Canadian datacenters you have personal experience working with that offer PCI-DSS compliant private racks and flexible colo terms.

Budget estimates shown above are intentionally conservative from early planning to reflect scoped phases focused on readiness and initial attestation or procurement. Details, timelines, and project items will be available in our roadmap and budget projections.

Services We're Subscribed To

While we prefer to use non-profit companies and services where available, there are certain services for which we need something that will help us pass compliance or meet a specific need for the organization.

PagerDuty

We rely on PagerDuty for incident response and on-call management, ensuring rapid resolution of operational issues and compliance with uptime commitments.

BrowserStack

BrowserStack provides cross-browser and device testing, helping us guarantee accessibility and reliability across diverse environments.

Sectigo

Sectigo provides an ASV (Approved Scanning Vendor) service, which we require to meet PCI-DSS compliance obligations through regular vulnerability scanning and reporting.

Cypress.io

Cypress.io enables automated end-to-end testing, ensuring our systems meet quality standards and compliance requirements before deployment.

Zoho

Zoho supports organizational needs such as email, worksheets, documents, file storage, and other productivity tools, helping us manage operations effectively while meeting compliance obligations. Like many services, we need vendors that can make their SOC accreditation available to us.

Asana

Asana helps us coordinate projects, track tasks, and maintain accountability across teams, ensuring operational efficiency and compliance with organizational workflows.

Open Source Projects

As a nonprofit, we'd rather support community projects materially and financially than large corporations. Where we can, we choose open source tools that align with our values and give back to the communities that build them.

Peppermint

Peppermint is a self-hosted support ticket system that replaces expensive proprietary helpdesk software. It gives us full control over our support workflows while keeping data on our own infrastructure.

Listmonk

Listmonk is a self-hosted newsletter and mailing list manager that replaces services like Mailchimp. It handles our community communications without per-subscriber fees or third-party data sharing.

Join our community

Volunteer your skills

We're building something meaningful together. Whether you're a developer, designer, security engineer, or community organizer, there's a place for you here.

Developers
Security engineers
Designers
Translators
Community organizers
Onboarding sessions · Mentored projects · Community calls

Contact us

Questions about deployments, partnerships, compliance, or data residency? We try to respond within 3 business days.

Newsletter

We respect your privacy and will never sell your email. You can unsubscribe at any time.

Support

Paid support and pro-bono options. Contact for SLAs.

Security

Report a security issue (responsible disclosure).

Feedback

Submit a bug report or feature request to help us improve.