Skip to main content

Role-based access control

Permissions by role and property scope — OWNER, MANAGER, STAFF, and system roles.

Audit logging

Critical actions recorded for compliance review and incident investigation.

Encrypted backups

Database backups with a documented restore process for production deployments.

Multi-tenant isolation

Account and property scoping so teams only access their own data.

Protected guest documents

Guest ID images and documents are served through authenticated API access, not public URLs.

Security practices in detail

Expand each topic for how StayLedger handles access, logs, backups, and guest documents today.

Access control

Role-based permissions scope users to properties and functions they need. OWNER, MANAGER, and STAFF roles are enforced in the PMS API — not just the UI.

Audit logs

Important operational actions are recorded with actor, timestamp, and context to support incident review and accountability.

Backup and restore

Production databases are backed up on a scheduled basis with encrypted storage. Restore steps are documented for operations.

Guest document protection

Guest ID images and documents are served through authenticated API access, not public URLs. Staff must be signed in with appropriate permissions.

Data location and hosting posture

StayLedger runs on secured cloud infrastructure with health checks, rolling deployments, and monitoring. We do not claim third-party certifications unless explicitly published.

Security contact

Report a security concern to [email protected]. We review reports and respond according to our operations process.

Security designed for daily hotel operations

See how StayLedger protects guest data, staff access, and operational records.