Security Overview
Effective June 29, 2026
Security is built into Rentivue by design. This overview summarizes the principal safeguards; it is informational and not a contractual commitment.
Authentication
- Password sign-in with hashing, account lockout, and rate limiting.
- Optional time-based one-time password (TOTP) two-factor authentication.
- Session expiration and effective revocation on password change.
Tenant isolation
Every record is scoped to a single company. Queries and operations are filtered by the active company, so one organization cannot read or modify another’s data.
Access control
Role-based permissions are enforced on every server operation; the interface hides what a role cannot do, and the server rejects it regardless. Mutations and sensitive reads are recorded in an immutable audit log.
Encryption
- Encryption in transit (HTTPS/TLS).
- Highly sensitive fields encrypted at rest with authenticated encryption (AES-GCM).
File storage
Documents are private by default and delivered through short-lived signed links, never public URLs. Access re-checks permission and confidentiality at delivery time.
Backups
Databases are backed up on a recurring schedule with retention, supporting recovery.
AI safety
AI output is draft-only and requires human review and approval before it is sent or relied upon. See the AI Disclaimer.
Responsible disclosure
If you believe you have found a security issue, please contact us promptly and avoid accessing data that is not yours. We appreciate good-faith reports.