We take security seriously
Rentymate is built with security at its core. Your data — and your customers' data — is protected at every layer.
Infrastructure & data storage
When you sign up, you choose where your data is stored — and it never leaves that location. We comply with local data protection laws wherever we operate. All data is encrypted at rest and in transit. Regular automated backups are taken and tested to ensure recoverability. Our infrastructure providers maintain strict physical security controls including 24/7 on-site security, access logging, and environmental safeguards.
Access control
Every account's data is strictly isolated. We follow industry best practices to ensure your team members can only access what they need. We apply the principle of least privilege across our internal systems and regularly review access rights.
Application security
We follow industry-standard secure development best practices throughout our engineering process. Our team conducts regular security reviews and keeps a close eye on emerging threats and vulnerabilities to ensure Rentymate stays ahead of them.
Payments
Payment processing is handled by Stripe, a PCI DSS Level 1 certified provider. Rentymate never stores raw card numbers. All payment data flows directly through Stripe's secure environment.
Report a vulnerability
Responsible disclosure policy
If you believe you've found a security vulnerability in Rentymate, please let us know right away. We're committed to working with security researchers to verify, reproduce, and respond to legitimate findings. We ask that you don't publicly disclose the issue until we've had a chance to address it.
Send your report to [email protected]. Please include a description of the issue, steps to reproduce, and any relevant proof-of-concept. We'll acknowledge receipt within 2 business days and keep you updated on our progress.
PGP public key — [email protected]
-----BEGIN PGP PUBLIC KEY BLOCK----- mDMEaftZAhYJKwYBBAHaRw8BAQdA/dhRnIKklO7E3AtPqoi4N29IhcfSG5a9FeMN 2uLDmJi0MFJlbnR5bWF0ZSBTZWN1cml0eSBUZWFtIDxzZWN1cml0eUByZW50eW1h dGUuY29tPoiTBBMWCgA7FiEEbTK/PxoErDocO1fvT9Ka8xGp8W8FAmn7WQICGwMF CwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQT9Ka8xGp8W9z3AEAuocOPTj/ V5Ddi5EbPrjUKHTw8OouCt3KLnUMf3wzGcsBAMVC/TF69B8pF5HgPUpYd8SXh+8e 8ENzu6qJ7E8KWmMEuDgEaftZAhIKKwYBBAGXVQEFAQEHQI7nSpmRHfBpAyvoBsXo +bV+MN6gELCpI75QQpdTxZgtAwEIB4h4BBgWCgAgFiEEbTK/PxoErDocO1fvT9Ka 8xGp8W8FAmn7WQICGwwACgkQT9Ka8xGp8W+WpAD+LtLZswUAq3koEhj5h2mnMJGn fm+I/msfIIvmBfArBl4A/RXzzqvYha/guJ8LwUuI79HQ5MRpKdxY9f1nd8pkej4K =tApd -----END PGP PUBLIC KEY BLOCK-----
Fingerprint: 6D32 BF3F 1A04 AC3A 1C3B 57EF 4FD2 9AF3 11A9 F16F
General questions? Reach us at [email protected]