Security & data protection
Direnti is the system of record for an owner’s rental operation, which means it holds sensitive documents and personal data. Here is how that information is handled — plainly, without the marketing.
Data protection
Account data and personal information are encrypted in transit (TLS) and at rest. Access is scoped per role — an owner sees only their own homes and residents, and a resident sees only their own home. There is no cross-owner data access under any circumstance, enforced at the database level with row-level security.
Document storage
Leases, identification, pólizas, and CFDIs are stored in a private, access-controlled vault, organized per home and per category. Owners control who can see each document; residents see only the documents that belong to them. Files are never publicly addressable.
Payment handling
Direnti records and reconciles payments but is not a custodian of funds — rent moves directly between resident and owner over Mexican bank rails (SPEI). We keep the receipts and the timeline, not your money. Provider integrations are wired through audited adapters with credentials kept server-side, never exposed to the browser.
Compliance infrastructure
Every lifecycle event — application, verification, signature, registry submission, payment, invoice — is written to an immutable home timeline. Compliance requirements (CFDI, póliza jurídica, registry deadlines, rent-increase caps) are resolved by a rules engine rather than hardcoded, so the record reflects the actual legal obligations for each rental.
Have a security question, or need a data-processing detail for compliance? Reach us directly — we answer security questions from real people, not a bot. This page will expand with our formal security and privacy documentation as Direnti grows.