Security and data protection at Reqzi
Property teams trust Reqzi with visitor logs, resident details, and building activity. Here is exactly how we look after that data — what we do, who we work with, and how to reach us about it.
Encryption everywhere
All traffic between your browser, our apps, and our APIs is encrypted in transit with TLS. Data is stored on managed database infrastructure with encryption at rest.
Two-factor authentication
Admin accounts support TOTP-based two-factor authentication using any standard authenticator app, and organisations can enforce 2FA for every admin on their account.
Role-based access control
Property admins, front desk staff, and residents each get their own application with permissions scoped to their role. Staff only see what their job requires.
Tenant isolation
Reqzi is multi-tenant by design. Every record is scoped to your organisation, and data from one customer is never visible to another.
Audit trails
Visitors, parcels, service requests, and incidents are automatically logged with timestamps. The audit trail you offer your residents is the same one we build on.
Payments handled by Stripe
All subscription payments are processed by Stripe, a certified PCI Level 1 service provider. Card details are entered on Stripe-hosted pages and never touch our servers.
UK GDPR and your data
Your data remains yours at all times. We process it only to provide and improve the service you are paying for, in line with UK GDPR and data protection standards. We do not sell personal data, and we do not share it with third parties beyond the infrastructure providers listed below.
You can request an export of your organisation's data, or its deletion, at any time. A Data Processing Agreement (DPA) is available on request for customers who need one for their own compliance.
Full details of what we collect and why are in our Privacy Policy.
Subprocessors we rely on
Reqzi runs on established, security-audited cloud providers. These are the services that may process data on our behalf:
| Provider | Purpose |
|---|---|
| Vercel | Web application hosting |
| Railway | API hosting |
| Supabase | Managed database and file storage |
| Stripe | Subscription billing and payments |
| Expo | Mobile app delivery and push notifications |
| HubSpot | Sales enquiries and CRM |
| Cal.com | Demo scheduling |
Reporting a security issue
If you believe you have found a vulnerability in Reqzi, please email support@reqzi.com with the details. We review every report and will respond as quickly as we can. Please do not test against accounts or data that are not your own.
Questions about security or compliance?
Book a demo and bring your security questionnaire — we're happy to walk through it.