Vanio AI DocsVanio AIDocs
OwnerSmall HostPMLarger PMEnterpriseClean Co.CleanerMaint Co.Maint.

Security & Privacy

How Vanio protects your property management data with enterprise-grade security, AI privacy controls, and strict access isolation between accounts.

Security & Privacy

Vanio takes data security seriously. Here's how we protect your data and your guests' information.

Infrastructure

  • Hosting: Deployed on Vercel (enterprise-grade infrastructure)
  • Database: Supabase (PostgreSQL) with row-level security
  • Payments: Stripe Connect — PCI DSS Level 1 compliant. Card data never touches our servers
  • Smart Locks: Connected via Seam with end-to-end encrypted communication

Data Handling

  • Guest data: Stored securely in our database with access controls
  • Payment data: Handled entirely by Stripe — we never store card numbers
  • Lock codes: Generated and transmitted securely via Seam's encrypted channels
  • Conversation data: Stored for AI context and audit trail, accessible only to authorized users

AI & Privacy

  • No training on your data: Your guest conversations and property data are not used to train AI models
  • Contextual access: AI only accesses data relevant to the current conversation or task
  • Audit trail: Every AI action is logged and visible to the property manager
  • Human override: Hosts can intervene in any AI decision at any time

Access Controls

  • Role-based access: Team members see only what they need
  • Service provider isolation: Cleaners and maintenance workers see only their assigned tasks
  • Owner access: Property owners see only their own properties and revenue (coming soon)
  • API keys: Programmatic access is controlled via API keys with configurable permissions
  • Data isolation: Your knowledge base articles, guest information, and property data are completely isolated from other property managers. You can only view and edit content that belongs to your account

Recent Security Improvements

Enhanced Knowledge Base Protection — We've strengthened access controls for knowledge base articles. Your custom content, property guides, and internal documentation are now even more secure with additional verification checks that prevent unauthorized access.

Compliance

  • GDPR: Guest data can be exported and deleted on request
  • PCI DSS: Payment processing is fully PCI compliant via Stripe
  • SOC 2: In progress
securityprivacycompliancedata
Last updated April 2026