Your data in good hands
All Rentaflix infrastructure is hosted exclusively in European data centres. Connections are encrypted with TLS 1.3, independently rated Grade A. Here is exactly how we protect your data — and what we are still working on.
How we protect your data
Hosted exclusively in Europe
Your tenant records, financial history, documents, and all system data are stored in data centres located within the European Union. No data is transferred or processed outside EU/EEA territory.
TLS 1.3 — Grade A encryption in transit
All connections between your browser and Rentaflix are encrypted using TLS 1.3, the current industry standard. Independently assessed Grade A by SSL Labs. Forward Secrecy is enabled: each session is cryptographically independent, so past traffic cannot be decrypted even if a key is later compromised.
Enterprise-grade managed database
Your rental data is stored in a managed, enterprise-grade database platform with European data residency. The platform includes built-in redundancy, high availability, continuous monitoring, and access controls.
Enterprise document storage
Uploaded documents are stored in enterprise European cloud storage designed for durability and availability. Geographic redundancy ensures your files remain accessible. Documents are never accessible via a public URL — access is always authenticated through the Rentaflix service and limited to authorised users in your account.
Dedicated isolated deployment
Rentaflix runs in an isolated, containerised environment. Only the ports strictly required to operate the service are exposed — minimising the attack surface. Unnecessary services are not reachable from the internet.
GDPR-compliant infrastructure
All Rentaflix infrastructure partners operate within the European Union and comply with GDPR. Your data never leaves EU/EEA territory. We respect your rights under GDPR including the right to access, portability, and permanently delete your account and all associated data.
Publicly auditable TLS certificate
Our TLS certificate is published in public Certificate Transparency logs, making it independently verifiable by anyone. This prevents silent certificate substitution or mis-issuance from going undetected.
Your data is always exportable
Export your full portfolio at any time: Excel spreadsheets covering all rental and financial data, plus all uploaded documents and photos. No data lock-in — what you put in, you can take out. Google Drive integration for direct cloud export is coming soon for paid plans.
Strict account isolation & roles
Your account data is completely isolated from every other account on the platform. Within your own space, you can invite collaborators and assign them role-based permissions — read-only or limited update access — so you always control who sees and does what. Sessions expire automatically after 6 hours of inactivity; your session extends automatically while you are actively using the app, and always expires completely after 14 days. Rentaflix staff do not access your data except when assisting with a support request you have initiated.
Incident notification
If a security incident affecting your account is detected, you will be notified by email without delay. We believe transparency about security events is non-negotiable.
What we are still working on
Transparency builds trust. These are the security improvements currently planned or in active development.
Multi-factor authentication (MFA) for all accounts
Automated database backups with configurable retention
Key-based SSH access — replacing password authentication
Signed Data Processing Agreements (DPA) with all infrastructure providers
Report a vulnerability
Found a security issue? Please report it responsibly to contact@rentaflix.com