Qmunidad handles sensitive residential data โ resident records, visitor logs, guard accounts. We take that responsibility seriously.
All data is encrypted in transit via TLS 1.2+ and encrypted at rest using AES-256. No data is ever transmitted or stored in plaintext.
Qmunidad runs on Supabase (PostgreSQL on AWS) and Vercel. Both are SOC 2 Type II certified providers with 99.9% uptime SLAs and automatic failover.
Every database query is governed by Supabase Row-Level Security (RLS) policies. Guards can only see their assigned village. Residents only see their own data. Developers only access the villages they own.
Authentication is handled by Supabase Auth. Passwords are hashed using bcrypt and never stored in plaintext. We support email/password login with plans for multi-factor authentication.
We store resident names, block/lot assignments, and contact numbers provided by the HOA or developer. Visitor logs include visitor names and purpose of visit. Guard and admin accounts store email addresses and hashed passwords. No financial data is stored on our servers.
We do not sell, rent, or share your data with third parties for advertising or commercial purposes. Village data belongs to the developer or HOA that owns that village.
Your village data is yours. Developers and HOA administrators can request a full data export at any time. Upon account termination, data is deleted within 30 days upon request.
If you discover a security vulnerability, please report it to us directly at the email below. We take all reports seriously and will respond within 48 hours.
Qmunidad is independently built and maintained. Every security decision is made directly by the person who wrote the code โ no layers, no outsourcing. You always know who is responsible.
Found a vulnerability or have a security concern? Contact us directly.
hello@qmunidad.com