Your Data Is Safe With listo

Enterprise-grade security and privacy controls protect your property data

Built for Security From Day One

Your Data Stays Yours

We never sell or share your property data. You own your information and can export or delete it anytime.

Security Best Practices

Built with enterprise-grade security controls aligned with industry standards like SOC 2 and ISO 27001.

Privacy-First Design

Designed to support GDPR and CCPA requirements. Right to access, portability, and deletion built in.

How We Protect Your Data

Data protection

  • AES-256 encryption for all data at rest
  • TLS 1.3 encryption for data in transit
  • Encrypted database backups with 30-day retention
  • Access is restricted and audited for all sensitive data
  • Regular security penetration testing
  • Automated vulnerability scanning

Infrastructure security

  • Enterprise cloud infrastructure (Supabase built on AWS)
  • Tier-certified data centers with physical security
  • Multi-region redundancy and failover
  • 24/7 security monitoring and alerts
  • DDoS protection and rate limiting
  • Network isolation and firewalls

Access controls

  • Multi-factor authentication (MFA) required
  • Role-based access control (RBAC)
  • Single sign-on (SSO) integration
  • Session management and automatic logout
  • Audit logs for all data access
  • Employee background checks

Compliance & monitoring

  • Aligned with SOC 2 security principles
  • Designed to support GDPR and CCPA requirements
  • Regular security assessments and reviews
  • Documented incident response procedures
  • Data breach notification protocols
  • Ongoing security and compliance monitoring

Security Standards & Principles

πŸ”’

SOC 2 aligned

Built with security controls aligned with the SOC 2 Type II framework

πŸ‡ͺπŸ‡Ί

GDPR ready

Designed to support European General Data Protection Regulation requirements

πŸ‡ΊπŸ‡Έ

CCPA ready

California Consumer Privacy Act controls and data rights support

Complete Control Over Your Data

You decide what data to share, who can access it, and how long to keep it. Our privacy-first approach puts you in control.

  • Export all your data in standard formats
  • Delete specific photos or entire properties
  • Control team member access levels
  • Set automatic data retention policies
  • Review all data access logs
  • Opt out of any data processing

Security & Privacy Questions

Where Is My Data Stored?

All data is stored in enterprise-grade cloud infrastructure (Supabase, built on AWS) with data centers in the United States. We use multiple availability zones for redundancy and never store data on local devices.

Can listo employees see my photos?

No. Photos are encrypted at upload and can only be decrypted by your team. Our employees have zero access to your property photos or inspection data.

How Do You Handle Data Breaches?

We have a comprehensive incident response plan with 24/7 monitoring. In the unlikely event of a breach, we'll notify affected users within 72 hours.

Can I Delete All My Data?

Yes. You can delete individual photos, entire properties, or your complete account. Once deleted, data is permanently removed from all systems within 30 days.

How Often Are Security Assessments Performed?

We conduct regular security assessments, penetration testing, and vulnerability scans to ensure ongoing protection. Our infrastructure providers also maintain continuous security monitoring.

Ready to Protect Your Properties Securely?

Trusted by hundreds of hosts and property managers

Try it now Contact security team