You're trusting KeyProp with your tenants' payments and your financial records. Here's how we keep them safe.
All payments run through Stripe, a PCI-DSS Level 1 certified processor. Card and bank-account numbers are sent directly to Stripe — they are never stored on KeyProp's servers.
Every landlord's data is protected by database row-level security, so one account can never read or change another's properties, tenants, or payments — enforced at the database, not just the app.
Traffic is served over HTTPS/TLS, and your data is encrypted at rest in our managed Postgres database (Supabase).
Accounts use modern, token-based authentication with hashed credentials. Pay and autopay links are signed and time-limited so they can't be guessed or reused.
Server actions verify ownership on every request, and tenant pay links never expose your dashboard. Sensitive operations are logged to an audit trail.
We don't sell your data. If you cancel, your records are retained for 30 days so you can reactivate, then permanently deleted. You can request deletion anytime.
Built on trusted infrastructure. KeyProp runs on Stripe (payments), Supabase/PostgreSQL (data), and a globally distributed application platform — the same building blocks used by thousands of modern fintech and SaaS products.
Found a security issue? Please report it to support@keyprop.io — we take reports seriously and will respond promptly.