Information Security and Compliance

Our customers trust us with their data, and we’re committed to enforcing all safeguards needed to protect your information.

Information Security and Compliance

CCPA Compliant

Under the California Consumer Privacy Act (CCPA), any California consumer can request to view all information a company has saved on them along with a full list of all third parties that data is shared with. If privacy guidelines are violated, even if there is no breach, consumers have the right to sue the company. Hiretual values consumer trust and is 100% CCPA compliant.
Arrow pointing up

GDPR compliant

The GDPR is the latest data protection directive for businesses to protect the privacy of EU citizens with enhanced security provisions. Hiretual is 100% GDPR compliant.
Arrow pointing up

SOC 2 Type 2 certified

The SOC 2 Type 2 reports concern policies and procedures over a specified time period. For this more rigorous designation, systems must be evaluated for a minimum of six months.

Hiretual’s procedures and controls have been third-party audited to validate our success in ensuring the security, availability, processing integrity and confidentiality of our customer’s information.
Arrow pointing up

EU-US Privacy Shield certified

The Privacy Shield Framework, approved by the European Union (EU) and US Government, is a recognized mechanism for complying with EU data protection requirements when transferring personal data from the European Economic Area (EEA) to the United States. Organizations participating in the Framework are deemed to provide “adequate” privacy protection of data, as required under the EU Data Protection Directive and the General Data Protection Regulation (GDPR).

Hiretual is aware of the Schrems II decision. In lieu of the Schrems II decision, Hiretual relies on the Standard Contractual Clauses (SCCs) from the GDPR incorporated into its Data Processing Addendums for any data transfers from the EEA to the U.S.
Arrow pointing up

Cloud Security

Hiretual hosts services on Amazon Web Services (AWS) and is protected by AWS’s data centers and compliance programs in its infrastructure. AWS provides high availability, dependability, and scalability.
Arrow pointing up

Organizational Security

All Hiretual personnel has agreed to confidentiality terms, background screenings, and security training. Our team is familiar with security protocol addressing device security, acceptable use, malware prevention, incident reporting and other measures.
Arrow pointing up

Information Protection Protocols

Hiretual guards customer data with industry best practices, ensuring that all data transmission over public networks is done with strong encryption.

  • Comprehensive risk analysis and data protection for customers.
  • Amazon Web Services employs modern software security techniques and requires multi-factor authentication for access.
  • Data isolation – one user will never access and modify another customer’s data.
  • We transmit data to customers over public networks with strong encryptions – between Hiretual clients and Hiretual service (data generated and imported by Hiretual users).
  • TLS 1.2 protocols, AES256 encryption, SHA2 signatures, and emails sent through an end-to-end protected and encrypted system.
  • We store encryption keys in a secure server on a segregated network with very limited access using AWS Key Management Service.
Arrow pointing up

Network monitoring and protection

We have rigorous measures in place to detect unusual or unauthorized activities and conditions. Our alarms are configured to notify operations and management personnel when warning thresholds are crossed on key operational metrics. We have an on-call schedule so personnel is always available to respond to operational issues. Personnel deploy, perform, review, and analyze logs and investigate issues arising from alerts to ensure that systems and data are kept secure.
Arrow pointing up
Ready to hire the best talent?

Copyright © Hiretual 2021. All Rights Reserved