Security

Overview

Protecting customer data is central to Rentaro. This page summarizes our security practices at a high level. It is not an exhaustive list and may change as we improve our platform.

Infrastructure

We rely on reputable cloud providers and follow industry-accepted practices for network isolation, access control, and monitoring. Production environments are separated from development and testing where appropriate.

Data protection

Data is encrypted in transit using TLS. Sensitive data at rest is protected using provider-managed encryption and access policies aligned with least privilege.

Payments

Online payments are processed by Xendit. Payment credentials and card data are handled within Xendit's secure infrastructure and applicable certifications; Rentaro does not store full card numbers on our servers.

Access and authentication

Access to systems and customer data is limited to authorized personnel with a business need. We support strong authentication options for customer accounts where applicable.

Monitoring and incident response

We monitor for anomalies and maintain processes to investigate and respond to potential security issues. If we become aware of a breach affecting personal data in a way that requires notification, we will follow applicable law and contractual commitments.

Vulnerability reporting

If you believe you have found a security vulnerability in Rentaro, please report it responsibly. Do not perform testing that could harm users or the service.

Contact: support@rentaro.ph