Start tracking today
2.65M UK landlords · most still on spreadsheets
Navigation
LetCompliance holds compliance records, tenant details and financial data — so security is not a feature, it is the foundation. Here is exactly how we protect it.
Quick answer
Your data is encrypted in transit (TLS) and at rest (AES-256), hosted in UK and EU data centres, and isolated per account with Postgres Row-Level Security. Payments run through Stripe (PCI DSS Level 1) — we never store card details. We act in line with UK GDPR, keep a tamper-evident audit trail, and you can export or delete your data at any time.
Your data is encrypted in transit with TLS and at rest with AES-256. Nothing moves or sits in the clear.
Application and database infrastructure runs in UK and EU data centres, keeping your data within UK/EU jurisdiction.
Every account and agency workspace is isolated at the database layer with Postgres Row-Level Security — your records are never visible to another account.
Billing runs through Stripe (PCI DSS Level 1). We never see or store your card details.
Compliance-critical actions are written to an append-only audit log, so you can produce tribunal-grade evidence of what happened and when.
Your data is backed up automatically so it can be recovered if the unexpected happens.
Passwordless tenant and contractor links are scoped to a single tenancy or job by a unique token, and can be revoked at any time.
We handle personal data in line with the UK GDPR and the Data Protection Act 2018. You can request access, export or deletion of your data at any time.
We use a small number of vetted, industry-standard providers to run the service. Each is contractually bound to protect your data.
| Provider | Purpose | Region |
|---|---|---|
| Supabase | Database, authentication & encrypted file storage | UK / EU |
| Vercel | Application hosting & content delivery | UK / EU |
| Stripe | Subscription billing & payments (PCI DSS Level 1) | UK / EU |
| Resend | Transactional & reminder email delivery | EU / US |
| Brevo | SMS reminders (higher tiers) | EU |
It is your data. Under UK GDPR you can ask us to provide a copy, correct it, export it, or delete it — and we will. Cancel any time and your data can be exported or erased on request. We never sell your data or your tenants’ data to anyone.
Read our Privacy PolicyYour application and database infrastructure runs in UK and EU data centres, keeping your data within UK/EU jurisdiction. Data is encrypted at rest with AES-256 and in transit with TLS.
No. Every account and agency workspace is isolated at the database level using Postgres Row-Level Security. Queries can only ever return rows that belong to your own account or workspace.
No. All billing is handled by Stripe, a PCI DSS Level 1 payment processor. Your card details are entered directly with Stripe and never touch or stay on our servers.
We process personal data in line with the UK GDPR and the Data Protection Act 2018, as a data processor acting on your instructions. You can request access to, export of, or deletion of your data at any time by contacting us.
Email letcomplianceuk@gmail.com with the details. We take responsible disclosure seriously and will acknowledge and investigate every report.
Found something? We take responsible disclosure seriously. Email letcomplianceuk@gmail.com and we will acknowledge and investigate every report.
LetCompliance — UK rental compliance, built for UK law and UK/EU data residency.