Security you can trust

Your data needs to be handled with care. We are committed to meeting data security protection standards.

Talk to us

Our compliance certifications

StarRez maintains multiple 3rd party certifications for security.

  • SOC 2 Type II

    SOC 2 requires strict information security policies and procedures, encompassing the security, availability, processing, integrity, and confidentiality of customer cloud data.


    Our handling of payment processes is checked each year, and we are certified as a Level 1 PCI DSS Service Provider.

  • HIPAA-Ready

    StarRez can help you meet your legal obligations for health care data. We provide granular security controls allowing you to restrict access to just those who need it.

  • FERPA-Ready

    StarRez can be used in a way that enables you to meet FERPA requirements. StarRez can agree to act as a school official when it comes to handling regulated student data.

  • Cyber Essentials Plus

    Cyber Essentials Plus helps organizations to guard against the most common cyber threats and demonstrate their commitment to cybersecurity.

GDPR Compliance

At StarRez, we are committed to protecting your data and complying with the General Data Protection Regulation (GDPR), whether you’re in the EU or elsewhere. Your trust is a critical priority, and that includes honoring and respecting your data privacy rights. StarRez does not sell customer information, and we have a dedicated team ready to assist with data-related inquiries.

Security Features

StarRez implements and monitors a comprehensive range of controls across all our services.

  • Physical Security
    We host on Azure, who provide robust physical security and environmental controls.
  • Authorisation
    We support a range of Single Sign-On (SSO) providers, in addition to our own secure standalone authentication.
  • Encryption
    Data in transition and at rest is protected by 256-bit TLS and AES256 encryption.
  • Data Privacy
    We only use customer data to provide the service; we don't mine or access your data for other purposes.
  • Data Ownership
    Your data belongs to you. We won't delete data in your account without giving you time to export it, and it will never be sold.
  • Data Sovereignty
    We keep your data and backups in the geographic area you specify.
  • Disaster Recovery
    We can restore your data back to any point in time during the last 35 days, and to any week in the last year.
  • Tested and Proven
    Our platform is regularly tested for vulnerabilities, including manual penetration testing.
  • Secure Integrations
    Trust that your resident payment data is protected at the highest standards with PCI 4.0 compliant integrations.

Technology Partners

The best names in the business.

  • Microsoft Gold Partner

    The highest level a Microsoft Partner can reach. Be assured that our business is in safe hands as we continue to develop the expertise of our staff and provide total satisfaction to our customers.

  • Microsoft Azure

    Highly resilient data centers located in each region. Plus, we take care of backups and disaster recovery using the Microsoft Azure platform.

Reporting an issue

We believe that security research is an important part of a safe internet. If you think you have found a security issue, please get in touch at

 Elevate your offering with software that empowers communities.