Rentals United software is trusted by thousands of companies around the world including top world’s OTAs, Property Management Software, Property Managers and other innovative tech partners.

Our application is designed to support large, security-sensitive enterprise organizations. We continually protect our customers and partners through efforts like SOC 2 Type II compliance (in progress)

People often represent the weakest link

Our staff’s commitment to security

All Rentals United employees/contractors/partners are under Non Disclosure Agreements ensuring your privacy.

All Rentals United employees periodically undergo security awareness training.

We partner with Vanta for employee on-boarding and device security.

Compliance

At Rentals United, we continuously invest in security best practices to ensure that our customers’ and partners’ data is safe. We are currently partnering with Vanta which helps us become and remain SOC 2 compliant.

Data security

Rentals United physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.

Amazon’s data center operations have been accredited under:

ISO 27001

SOC 1, SOC 2 and SOC 3 / SSAE 16/ISAE 3402 (Previously SAS 70 Type II)

PCI DSS Level 1

AWS also continually works to comply with any new or changing regulations, such as:

FISMA Moderate

Sarbanes-Oxley (SOX)

HIPAA

FEDRAMP

GDPR

View the full list of Amazon AWS certifications here.

Application

The Rentals United application runs within an isolated environment in AWS (eu-west, eu-central), a cloud platform that manages infrastructure configuration, scaling and security.

All Rentals United’s applications run in the Virtual Private Cloud environment that isolates processes, memory, data transfer and utilises host-based firewalls.

Encryption/Secure Transmission

Rentals United encrypts all data in transit using TLS 1.2.

Penetration and Vulnerability Testing

Rentals United processes are designed to proactively remediate security risks. Rentals United is notified of vulnerabilities through internal and external assessments, system patch monitoring, and third party mailing lists and services. Each vulnerability is reviewed to determine if it is applicable to Rentals United’s environment, ranked based on risk, and assigned to the appropriate team for resolution.

Bug Bounty – the crowd security testing

Rentals United uses Open Bug Bounty which is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure.

Privacy

At Rentals United, we take your privacy seriously. We’re committed to protecting the privacy of the personal information you provide us. To learn more, read our Privacy Policy.

GDPR

Rentals United is committed to adhere to Europe’s General Data Protection Regulation (GDPR). We’ve implemented technical and organisational security measures that better protect our customers’ personal data. We’re committed to assisting our customers with satisfying their GDPR data security and privacy requirements.

PCI

Rentals United’s infrastructure provider is PCI Level 4 compliant.

Best in class service

Rentals United is committed to providing reliable service and quick support responses to issues. Our application has 99.9% uptime; the current status of our application performance and any past incidents can be seen on our status page.

Rentals United provide security features free of charge including

Single Sign-On (Google, LinkedIn)

Enhanced Password Security

Multi Factor Authentication

Responsible Disclosure Policy

Data security is a top priority for Rentals United, and Rentals United believes that working with skilled security researchers can identify weaknesses in any technology. If you believe you’ve found a security vulnerability in Rentals United service, please notify us; we will work with you to resolve the issue promptly.

Disclosure Policy

If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at security@rentalsunited.com. We will acknowledge your email within one week.

Please provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within ten business days of disclosure.

Make a good faith effort to avoid violating privacy, destroying data, or interrupting or degrading the Rentals United service. Please only interact with accounts you own or for which you have explicit permission from the account holder.

‍

Exclusions

Rentals United is providing this service to help ensure a safe and secure environment for all of its users. As such, any users believed to be engaging in the below activities will have their user credentials immediately deactivated.

While researching, we’d like you to refrain from:

Denial-of-Service (DoS)

Spamming

Social engineering or phishing of Rentals United employees or contractors

Any attacks against Rentals United’s physical property or data centers

This policy applies to the Rentals United Applications hosted at rentalsunited.com and to any other subdomains or services associated with the Rentals United system.

Thank you for helping to keep Rentals United and our users safe!

Contact

Rentals United is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at security@rentalsunited.com.