Security Whitepaper

The Immutable Ledger

Every AI triage decision and manual PM action is hashed using SHA-256 and linked to the previous record in a cryptographic chain.

This chain is digitally signed with an RSA-2048 private key stored in GCP Secret Manager. Any attempt to modify historical records will break the chain of trust, providing mathematically verifiable proof of operational integrity.

AI Data Privacy

Quovio uses enterprise-grade AI providers (Google Gemini and Anthropic Claude) via their commercial APIs, which contractually guarantee that your data is never used to train foundation models. Per-property data isolation is enforced at the application layer — no cross-landlord data aggregation, in compliance with CA AB 325.

All AI inference runs server-side — tenant and property data is never exposed to client devices or third-party analytics pipelines.

Fair Housing Guardrails

Every AI-generated response passes through pre- and post-inference content filters that detect discriminatory language, eviction-adjacent actions, and protected class references. Flagged interactions are automatically escalated to human review. A built-in bias testing framework measures disparate impact across race, gender, language, and address — aligned with HUD 2024 AI guidance for residential rental markets.