DoorVault protects your most sensitive real estate financial data with multiple layers of encryption, strict access controls, and continuous monitoring. We built security into every layer of the platform.
From the moment your data enters DoorVault to how it's stored, accessed, and protected — security is never an afterthought.
All data is encrypted at rest using AES-256 encryption. Every connection uses TLS 1.3. Sensitive data is encrypted with Fernet symmetric encryption before storage — we never store plaintext passwords.
Sign in with passkeys (FIDO2/WebAuthn), Google, Apple, or email + password with TOTP two-factor authentication. Brute-force protection locks accounts after failed attempts. Session tokens auto-expire.
Hosted on Railway (SOC 2 Type II compliant) with PostgreSQL managed databases. Documents stored on Cloudflare R2 with S3-compatible encryption. All infrastructure in US data centers with automated backups.
Every sensitive action is logged with timestamps, IP addresses, and user context. Login attempts, data exports, document access, and admin actions are all tracked in an immutable audit trail.
Role-based access with household data isolation. Each user only sees their own data. Household members share data only when explicitly invited. Admin actions require elevated verification.
Real-time error tracking with Sentry captures exceptions before they impact users. Uptime monitoring ensures 99.9%+ availability. Automated alerts notify our team of any anomalies within seconds.
Your financial data is protected by multiple encryption layers. We use industry-standard AES-256 for data at rest, TLS 1.3 for data in transit, and Fernet symmetric encryption for sensitive credentials.
Document files stored in Cloudflare R2 are encrypted server-side. Database backups are encrypted. Even our AI document analysis pipeline processes data in memory and never persists raw text to third-party services.
We support the most secure authentication methods available today. Passkeys (FIDO2/WebAuthn) provide phishing-resistant passwordless login. Google and Apple SSO let you leverage their security infrastructure.
For password-based login, we enforce strong hashing (PBKDF2-SHA256 with salt), automatic lockout after failed attempts, and optional TOTP two-factor authentication with backup recovery codes.
Our Knox AI assistant uses Anthropic's Claude API to analyze your documents and transactions. Your data is processed but never stored by Anthropic, never used for model training, and never shared with third parties.
We implement prompt injection detection to prevent malicious documents from manipulating AI behavior. All AI outputs are validated and sanitized before being applied to your data.
Built on trusted infrastructure providers with enterprise security certifications.
SOC 2 Type II certified hosting platform with isolated containers and encrypted networking
Managed database with automatic backups, point-in-time recovery, and encrypted storage volumes
Global CDN with DDoS protection, Web Application Firewall, and R2 object storage with encryption
Real-time error monitoring and performance tracking with instant alerts for any security anomalies
Transparency about how we handle your data.
You can delete your account and all associated data at any time. When you delete data, it's permanently removed from our databases and storage — no shadow copies, no hidden retention.
We will never sell your data to third parties. Your financial information, documents, and property details are yours. We make money from subscriptions, not from selling your data.
Export your complete data anytime — properties, transactions, documents, tax reports. We support CSV, PDF, and Excel exports. Your data should never be locked in.
Join investors who trust DoorVault to protect their most sensitive financial information.
Get Started Free