Policies

Security & Privacy

We take security seriously at Cozy. Not only do we adhere to the highest industry standards, we continually update our security practices to ensure your information is safe.

Data Security

When you use Cozy’s services, all the information you send and receive is transmitted securely over HTTPS (look for the green bar in your browser to confirm).

To protect your privacy, we limit the amount of sensitive data we store on our servers. For example, we do not store the contents of credit reports or background checks, or credit card numbers. When we do store financial information, we encrypt and protect that data on secure servers.

We designed and built all our systems with multiple levels of security, and we manage them according to industry best practices. Our hosting provider maintains world-class facilities that are certified to the highest levels of physical and virtual security. Reputable third-party security firms perform regular internal and external security audits of our systems, something we consider an essential investment.

Ownership

When you use Cozy, you own and control your information. We limit access to your information whenever possible. Cozy landlords must verify their identities before viewing credit reports and background checks, or receiving payments.

All Cozy employees receive thorough training before accessing customer data, and we comply with the Fair Credit Reporting Act (FCRA) and the Gramm–Leach–Bliley Act (GLBA). We share information securely with trusted third parties only when needed—to provide services, prevent fraud, and meet legal requirements.

Keep Yourself Safe

Even though we review every financial transaction for fraud, we recommend only sending payments to people you know. The same goes for sharing your information. If you have any questions or concerns about safety or security, please contact us at support@cozy.co.

Responsible Disclosure

We take security seriously and we appreciate your help in notifying us of vulnerabilities in a responsible manner. If you are a security researcher and have found a potential security vulnerability in our systems, please send details to security@cozy.co.