Security First
HOAcrew is built with enterprise-grade security to protect your community data, vendor information, and financial transactions.
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption via our infrastructure partners.
Role-Based Access
Strict role-based access controls ensure CAMs only see their community data, vendors only see their assigned work orders, and admin access is limited.
Audit Logging
All critical actions are logged including work order approvals, payment processing, document verifications, and dispute resolutions.
Infrastructure
Hosted on Vercel with Supabase (AWS) infrastructure. SOC 2 Type II compliant database and authentication services.
Authentication
Secure authentication via Supabase Auth with support for email/password, Google OAuth, and session-based token management.
Compliance Verification
Vendor insurance documents are verified through our compliance pipeline with automated expiration monitoring and alerts.
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly to security@hoacrew.com. We take all reports seriously and will respond within 48 hours.