We take the security of your data seriously. Learn about the measures we implement to keep your information safe and secure.
All data is encrypted both in transit (TLS 1.3) and at rest (AES-256). Your sensitive information is never stored in plain text.
Add an extra layer of security to your account with SMS-based or app-based two-factor authentication.
We use industry-standard authentication protocols with secure session management and automatic timeout for inactive sessions.
Role-based access control ensures that users only see and access the data they need. Staff permissions can be customized per user.
Our infrastructure is hosted on enterprise-grade cloud platforms with DDoS protection, firewalls, and continuous monitoring.
Your data is automatically backed up daily with point-in-time recovery capabilities. Backups are encrypted and stored securely.
At PropFlow, security is not an afterthought—it's built into everything we do. We understand that you trust us with sensitive property and financial data, and we take that responsibility seriously.
Our security program is designed to protect your data throughout its lifecycle, from the moment it enters our system to when it's securely deleted. We continuously monitor for threats and regularly update our security measures to address new challenges.
We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities before they can be exploited.
We have a dedicated incident response team and established procedures to quickly detect, respond to, and recover from security incidents.
All employees undergo security training and background checks. Access to production systems is strictly controlled and audited.
We comply with Kenyan data protection laws and implement best practices aligned with international standards like ISO 27001.
All payment transactions through M-Pesa are processed securely using Safaricom's official Daraja API. We never store complete M-Pesa credentials or sensitive payment data.
M-Pesa Secure Payments
We appreciate the security research community's efforts in helping us keep PropFlow secure. If you discover a security vulnerability, please report it responsibly.
Please include a detailed description of the vulnerability, steps to reproduce, and any supporting materials. We will acknowledge your report within 48 hours.
Contact Security Team