Security & compliance

Regulatory compliance, built in by default.

Every design decision in FixrOS starts with the law: GDPR, LOPDGDD, LPH-2025, SEPA, Art. 21 monitorio. We take it that seriously. No patches, no "we will add it next release".

Data protection

GDPR and LOPDGDD, down to the last detail

Versioned consent, full audit trail, pseudonymisation by default, right to be forgotten and data portability. Everything the Spanish DPA would check in an audit — already done.

Versioned consents

Each user has timestamped acceptance records for Terms, Privacy, Marketing and Third-Party sharing. We archive the exact policy version they consented to.

Full audit trail

Every access to personal data is recorded in AuditLog: who, what, when, on which identity. Categorised: login, permission change, PII access, export.

Pseudonymisation by default

Resident-to-resident chat uses dwelling tags ("3B") instead of real names. Revealing identity requires an explicit contact request, accepted by both parties.

Right to be forgotten

Soft-delete of identities (deletedAt) and automatic anonymisation after the legal retention period. We comply with GDPR Art. 17 without losing referential integrity.

Data portability

Full JSON export of all the user’s personal data, anytime, in machine-readable format. GDPR Art. 20 covered.

Encryption of sensitive credentials

IMAP / POP / SMTP passwords for the Email Inbox are encrypted with strong industry-standard authenticated encryption before being persisted. Never returned to the client, not even in API responses.

AuditLog anti-tampering · SHA-256 hash chain

Every audit log entry includes the SHA-256 hash of the previous entry, forming a tamper-evident chain. Any retroactive alteration breaks the chain and is immediately detectable when the chain is verified.

TSA: notarial anchoring with timestamp

FixrOS's audit log uses an anti-tampering SHA-256 hash chain. The root hash is periodically anchored to a recognised TSA (Time Stamp Authority), producing a legally valid timestamp. Log integrity is verifiable by any third party.
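
The hash chain and its external anchor, as an added example (not FixrOS code): it verifies a chain of audit entries and shows why the anchored hash matters when someone with write access recomputes the chain after an edit. Field names follow the who/what/when/identity/category list above; the canonical-JSON encoding, the all-zero genesis value and the `anchored_head` argument standing in for the TSA-timestamped hash are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash value for the first entry

def entry_hash(body):
    # Canonical JSON (sorted keys, fixed separators) so equal fields give equal bytes.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def _body(entry):
    return {k: v for k, v in entry.items() if k != "hash"}

def append(chain, who, what, when, identity, category):
    body = {"who": who, "what": what, "when": when, "identity": identity,
            "category": category,
            "prev_hash": chain[-1]["hash"] if chain else GENESIS}
    chain.append(dict(body, hash=entry_hash(body)))
    return chain[-1]["hash"]  # head hash: the value to send for timestamping

def verify(chain, anchored_head=None):
    """-1 if intact, index of the first broken entry, or len(chain) if the
    chain is self-consistent but its head differs from the anchored hash."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev_hash"] != prev or entry_hash(_body(entry)) != entry["hash"]:
            return i
        prev = entry["hash"]
    if anchored_head is not None and prev != anchored_head:
        return len(chain)
    return -1

def rechain(chain, start, **changes):
    """Test helper: edit entry `start`, then recompute every hash after it,
    as someone with full write access to the log store could."""
    chain[start].update(changes)
    prev = chain[start]["prev_hash"]
    for entry in chain[start:]:
        entry["prev_hash"] = prev
        entry["hash"] = prev = entry_hash(_body(entry))
    return chain

def build_sample():  # constructed sample entries, not real log data
    chain = []
    append(chain, "manager-7", "login", "2025-03-01T09:00:00Z", "manager-7", "login")
    append(chain, "manager-7", "viewed contact details", "2025-03-01T09:05:00Z", "resident-3B", "PII access")
    append(chain, "manager-7", "exported personal data", "2025-03-01T09:10:00Z", "resident-3B", "export")
    return chain
```

An in-place edit is caught by the chain alone; a fully recomputed chain passes the internal check and is caught only by comparing its head with the hash that was anchored outside the system.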

Horizontal Property Law 2025

Built-in LPH legal engine

It is not a spreadsheet with formulas. It is a real legal engine implementing Spanish Law 49/1960 (with 10/2022 reform and 2025 amendments). Qualified majorities, presumed vote, Art. 21 monitorio, Art. 9.1.e certificate — all automated.

Automatic majority calculation

1/2, 3/5, 2/3 or unanimity depending on the type of agreement. Dual count (weighted coefficients + owners). The system marks approved/rejected per the LPH.

Legal deadlines controlled

15 days’ notice for the call, 6 days Art. 16 LPH, automatic reminders. The system blocks out-of-deadline calls and warns the manager.

Presumed vote Art. 17.8

Attendance without an explicit vote counts as support for the agreement, per LPH Art. 17.8. The system applies this automatically at the close of each vote.

Legal minutes with LPH articles

Minutes generated with references to applicable articles, digital signature of chair and secretary, and Art. 18 challenge period calculated and shown on the minutes themselves.

Automatic Art. 21 monitorio

When a debtor meets the legal criteria, FixrOS generates the full Art. 21 LPH monitorio paperwork, ready to file with the court.

Debt certificate Art. 9.1.e

One-click generation of the debt certificate regulated by LPH Art. 9.1.e, signed by the manager and valid for property transfer.

Pre-meeting debtors snapshot

When the meeting is called, the list of debtors deprived of voting rights is frozen. If a debtor pays between the call and the meeting, their exclusion remains legally defensible because the snapshot is timestamped and signed.

Claims portal

Regulatory compliance in claims

FixrOS's claims portal complies with insurance sector-specific regulation: legal archiving of claim files, broker verification with the DGSFP, and role-level audited access control.

Ley 50/1980: 5-year claims archive

Closed claims are archived in read-only storage for a minimum of 5 years per article 23 of Ley 50/1980 (Insurance Contract Act). Access is restricted to authorised roles and recorded in the audit log.

Ley 6/2020: DGSFP broker verification

Insurance brokers accessing the claims portal must be registered with the DGSFP (Ley 6/2020 regulating private insurance and reinsurance distribution), with active professional indemnity insurance. FixrOS verifies and stores the DGSFP registration number before granting access.

Unique in the industry

Right to digital disconnection · Art. 88 LOPDGDD

Property managers do not receive resident chats outside working hours. We respect this by law and by common sense. Unique in the Spanish proptech industry.

Configurable working hours

Weekly slots per day, scheduled absences, time zone. Each manager defines their own schedule and FixrOS honours it without exception for ordinary chats.

Out-of-hours digest queue

Non-urgent chats are queued and delivered as ONE summary push at the start of the next shift. No 30 buzzes at 22:00, no Monday-7am avalanche.

Critical alerts always reach you

Critical SLAs (<4h), pending vendor quotes, new assignments and called meetings always pierce the disconnect. The law does not prevent emergency notifications.

Explicit Art. 88 compliance

Not a setting buried in preferences: enabled by default and documented by FixrOS as an Art. 88 LOPDGDD measure for any inspection.

Need the technical security document?

We email you the full dossier: data processing agreement, record of processing activities, technical and organisational measures, and recent audit results. Same day.