Welcome to ACTA

Your secure, all-in-one platform to manage property sales, legal docs & communication.

We were tired of countless email threads, misplaced documents and the lack of transparency throughout the process of purchasing a property. So we built ACTA.

🏠
Sale/Purchase audit checklist

Create, share, and track every property you’re handling β€” from offer to completion β€” all in one place.

🀝
Easy Collaboration

Collaborate with solicitor, buyer, FX partners, real estate agents, and/or vendor, securely with one-time access links or QR codes β€” no confusion, no faff.

πŸ’¬
Built-in Messaging

Keep all chats, document notes, and updates in one thread linked to each property. No more chasing emails.

πŸ“„
Smart Document Handling

Upload and share files directly with contributors. Everything stays organised, tracked, and accessible 24/7. When you're done, it's just a one click delete to remove all documents and data associated with a property.

πŸ’Έ
Simple Payments

Each registered property is a simple one off charge of Β£30.00 via Stripe checkout. Once a property is created you can invite an unlimited number of contributors, and have a document limit of 50 documents per property.

πŸ”’
Safe & Secure

Bank grade encrypted data, role-based access, and one-time invites mean your sensitive documents stay private and protected.

Security & Data Protection Overview

This platform is designed with privacy, resilience, and data security at its core.

  • Strong password hashing and verification to protect credentials.
  • Two-factor authentication required for login verification.
  • All login and session activity monitored and rate-limited to prevent abuse.
  • Role-based access ensures users only reach authorized data.

  • All communication encrypted using modern TLS protocols.
  • Strict-Transport-Security (HSTS) forces HTTPS-only access.
  • Secure cookies (HttpOnly, SameSite, Secure) protect session data.
  • Regular TLS configuration reviews maintain cipher strength.

  • Short-lived signed tokens maintain secure user sessions.
  • All tokens stored in secure cookies, not accessible via JavaScript.
  • Sessions expire after inactivity and can be revoked instantly.
  • Trusted sessions tracked and rotated regularly for security.

  • Sensitive data fields encrypted using AES-256 with per-record nonces.
  • Data encrypted both in transit and at rest.
  • Strict access controls for all production data.
  • Integrity checks ensure stored data remains untampered.

  • Input validation and sanitization prevent common injection attacks.
  • Content Security Policy (CSP) blocks unsafe inline or external scripts.
  • Rate limiting and intrusion detection monitor suspicious requests.
  • Regular dependency and patch updates applied to all systems.

  • Comprehensive audit logs record system and data access activity.
  • Real-time monitoring detects anomalies and suspicious behaviour.
  • Immediate incident response protocols reduce risk impact.
  • Alerts triggered on failed login attempts or data access anomalies.

  • Built in alignment with ISO 27001, GDPR, SOC 2, and OWASP guidelines.
  • Regular internal reviews ensure continued compliance and improvement.
  • Strict least-privilege and data minimization principles applied.
  • Controls evolve continually to meet emerging cybersecurity standards.

Last updated: October 2025

Compliant with ISO 27001 β€’ GDPR β€’ SOC 2 β€’ OWASP Security Guidelines

Ready to make property deals simple?

Join estate agents, solicitors & clients who are managing documents smarter with ACTA.

Create Your Account

Already have an account? Sign in here