When you use Cozy’s services, all the information you send and receive is transmitted securely over HTTPS (look for the green bar in your browser to confirm).
To protect your privacy, we limit the amount of sensitive data we store on our servers. For example, we do not store the contents of credit reports or background checks, or credit card numbers. When we do store financial information, we encrypt and protect that data on secure servers.
We designed and built all our systems with multiple levels of security, and we manage them according to industry best practices. Our hosting provider maintains world-class facilities that are certified to the highest levels of physical and virtual security. Reputable third-party security firms perform regular internal and external security audits of our systems, something we consider an essential investment.
When you use Cozy, you own and control your information. We limit access to your information whenever possible. Cozy landlords must verify their identities before viewing credit reports and background checks, or receiving payments.
All Cozy employees receive thorough training before accessing customer data, and we comply with the Fair Credit Reporting Act (FCRA) and the Gramm–Leach–Bliley Act (GLBA). We share information securely with trusted third parties only when needed—to provide services, prevent fraud, and meet legal requirements.
Even though we review every financial transaction for fraud, we recommend only sending payments to people you know. The same goes for sharing your information. If you have any questions or concerns about safety or security, please contact us at firstname.lastname@example.org.
We take security seriously and we appreciate your help in notifying us of vulnerabilities in a responsible manner. If you are a security researcher and have found a potential security vulnerability in our systems, please send details to email@example.com.