Security & Trust
Built for organizations that take governance seriously.
DomusLedger is designed with modern SaaS security principles, organization-level isolation, controlled access, and auditability at the core of the platform.
Security by design
Security is part of the architecture, not an afterthought.
DomusLedger is being developed as a modern cloud platform for VvE governance, property operations, documents, communication, and stakeholder collaboration.
Because the platform handles governance records, operational information, resident data, and potentially sensitive documents, security and controlled access are treated as foundational product requirements.
The platform is being developed in alignment with modern SaaS security practices, GDPR-aware privacy principles, and operational governance concepts commonly associated with ISO 27001-oriented information security management.
Core protections
A security foundation for controlled VvE operations.
Tenant isolation.
Organization-scoped access patterns help ensure users only access data belonging to organizations where they have authorized membership.
Role-based access.
Access is controlled across administrators, board members, property managers, and residents using role-aware authorization.
Audit logging.
Important governance and administrative actions are logged to support traceability, accountability, and operational oversight.
Document protection.
Documents are managed with controlled visibility, upload restrictions, soft delete flows, and secure access patterns.
MFA support.
Multi-factor authentication is available to provide an additional layer of account protection.
Session security.
The platform includes inactivity timeout enforcement and application-level session controls.
Environment separation.
Development and production environments are separated to support safer testing, deployment, and operational control.
RLS-first architecture.
Row Level Security is used as a backend security boundary to support tenant isolation and least-privilege access.
Standards alignment
Aligned with modern SaaS security and privacy principles.
DomusLedger is not currently presented as ISO-certified. The platform is, however, being developed with security and governance principles inspired by internationally recognized frameworks such as ISO 27001, ISO 27017, ISO 27018, and GDPR.
Least-privilege access and role-aware permissions.
Organization-level isolation for multi-tenant governance.
Auditability for sensitive administrative actions.
Privacy-aware design supporting GDPR-aligned operations.
Ongoing roadmap toward stronger operational security maturity.
Continuous hardening
Security maturity is an ongoing process.
DomusLedger is being developed with a long-term security and governance roadmap. The current platform foundation already includes core protections such as RLS-based access isolation, MFA support, audit logging, controlled uploads, and session security.
Future hardening areas include expanded MFA enforcement, enhanced monitoring, security event logging, operational policies, backup and recovery procedures, and further formal alignment with recognized SaaS security frameworks.
Governance, access control, and trust in one platform.
DomusLedger is designed for organizations that need more than a simple document portal. It provides a structured foundation for secure governance, controlled collaboration, and operational accountability.