Our Commitment to Security
At HOAS, we understand that you're entrusting us with sensitive financial and personal data for your homeowners association. Security and data privacy aren't just features—they're fundamental to everything we build. We implement industry-leading security practices to ensure your data remains safe, private, and accessible only to authorized users.
Security Features
End-to-End Encryption
All data transmitted between your browser and our servers is encrypted using industry-standard TLS/SSL protocols.
Data Encryption at Rest
Your data is encrypted when stored in our databases, adding an extra layer of protection against unauthorized access.
Secure Authentication
Password-based authentication with bcrypt hashing, session management, and secure password reset mechanisms.
Multi-Tenant Isolation
Complete data separation between HOAs ensures your data is never mixed with or visible to other organizations.
Row-Level Security (RLS)
Database-level security policies ensure users can only access data they're authorized to see.
Activity Logging
Comprehensive audit trails track all data access and modifications for accountability and compliance.
Regular Backups
Automated daily backups with point-in-time recovery ensure your data can be restored in case of any issues.
Role-Based Access Control
Granular permissions system allows you to control exactly what each user can see and do within your HOA.
Infrastructure Security
HOAS is built on Supabase, a secure and reliable platform that provides enterprise-grade infrastructure. Supabase is an open-source Firebase alternative backed by Y Combinator, offering:
- Cloud Infrastructure: Hosted on secure, SOC 2 compliant cloud infrastructure with 99.9% uptime guarantee
- PostgreSQL Database: Powered by enterprise-grade PostgreSQL with automatic backups and point-in-time recovery
- Row Level Security (RLS): Database-level security policies built into Supabase PostgreSQL ensure complete data isolation
- DDoS Protection: Advanced protection against distributed denial-of-service attacks
- Firewall Protection: Network-level security to prevent unauthorized access
- Regular Security Updates: Automatic security patches and updates to protect against vulnerabilities
- Monitoring and Alerts: 24/7 system monitoring with automatic alerts for suspicious activity
- Edge Functions: Secure serverless functions for handling sensitive operations
Supabase's infrastructure is trusted by thousands of companies worldwide and maintains the highest standards of security and reliability.
Data Sovereignty
Your data is stored securely within your region and is never shared with third parties. You maintain full ownership and control of your HOA data at all times.
Privacy Protection
Data Collection and Usage
We only collect data necessary to provide our services to you:
- HOA and property information for management purposes
- User account information for authentication and access control
- Financial transaction data for billing and payment processing
- Usage analytics to improve our platform (anonymized and aggregated)
We Never:
- Sell your data to third parties
- Use your data for advertising purposes
- Share your data with other HOAs or organizations
- Access your data without authorization or valid legal requirement
Your Rights
You have complete control over your data:
- Access: View all data we have about your HOA at any time
- Export: Download complete copies of your data in standard formats
- Delete: Request permanent deletion of your HOA data
- Correct: Update or correct any inaccurate information
- Portability: Transfer your data to another platform if needed
Compliance and Standards
HOAS adheres to international security and privacy standards:
Security Best Practices for Users
While we implement strong security measures, we recommend following these best practices:
- Use strong, unique passwords for your HOAS account
- Never share your login credentials with others
- Log out when using shared computers
- Regularly review user access and remove inactive accounts
- Enable all available security features for your HOA
- Report any suspicious activity immediately to our support team
Incident Response
In the unlikely event of a security incident, we have a comprehensive response plan to immediately contain, investigate, and resolve the issue. All affected users are notified promptly with clear information about the incident and recommended actions.
Questions About Security?
If you have questions about our security practices, need to report a security concern, or want to learn more about how we protect your data, please contact our security team at security@hoas.ph
For our complete privacy policy, please visit our Privacy Policy page.