Platform Security

At Total Pet Check, we handle sensitive tenant documentation and multi-family property data. We take our security infrastructure as seriously as our compliance standards.

1. Isolated Document Vaults

When a tenant uploads a vaccination record, ESA letter, or PSD documentation, those files are strictly isolated from the public web directory. Documents are dynamically routed and only accessible to authenticated property managers through time-limited session tokens. Direct access via web URL is mathematically impossible.

2. Bank-Grade Financial Processing

We do not store, process, or transmit raw credit card data on our servers. All financial transactions are handed off directly to Stripe via encrypted checkout sessions. Total Pet Check only receives a secure webhook confirming payment success.

3. Database Integrity & CSRF Protection

Every form submission on the platform—from manager logins to tenant pet creation—is guarded by cryptographic Cross-Site Request Forgery (CSRF) tokens. Passwords are salted and hashed using industry-standard modern cryptography (Bcrypt/Argon2).

4. 3rd Party Integrations

API keys provided for our 3rd party integration synchronization engines are stored securely and only utilized dynamically during roster synchronization or ledger fee injections. We operate strictly on a principle of least privilege.