Security
Effective date: March 1, 2026
1. Security Program
RentPayday maintains a security program focused on confidentiality, integrity, and availability of data across account, payment, and reporting workflows.
2. Access Controls
- Role-based access controls for landlords, admins, and support workflows.
- Account verification controls for sign-in and sensitive operations.
- Session and token management controls with logout revocation support.
3. Encryption and Secrets
- Transport security is used for browser and API communication.
- Sensitive integration secrets are encrypted before storage.
- Payment method details are handled by payment infrastructure providers and are not stored as raw card/bank numbers by RentPayday.
4. Logging and Monitoring
We maintain operational and audit logging for key actions, including account operations, financial workflow events, and system task outcomes.
5. Integrations and Webhooks
Mailbox and provider integrations use scoped credentials and subscription controls. Webhook processing includes validation and duplicate-safety logic where supported.
6. Vulnerability and Incident Response
We review and remediate reported issues based on severity and operational risk. Security incidents are investigated and addressed through documented response workflows.
7. Shared Responsibility
- Landlords and admins are responsible for accurate tenant contact records and lawful communications.
- Users must protect account credentials and authorized access methods.
- Users must promptly report suspicious activity or unauthorized access.
8. Security Contact
Report security concerns to: support@rentpayday.com.