Security

Your data security is non-negotiable

We handle sensitive business data — candidate CVs, legal matters, financial records. Security isn't a feature we added later. It's how the platform was built from day one.

Tenant Isolation

Every request is validated against tenant membership. No organisation can access another's data — enforced at the middleware level, not just the application layer.

Encryption

All data is encrypted in transit via TLS 1.3. Sensitive fields (API keys, credentials) are encrypted at rest. Database connections are secured with SSL.

Audit Logging

Every data access, modification, and login is logged with user, timestamp, IP address, and action details. Logs are retained for 2 years.

Enterprise SSO

SAML 2.0 support for Azure AD, Okta, and Google Workspace. Enforce SSO-only access, auto-provision users, and control access by email domain.

Rate Limiting

Redis-backed rate limiting on all API endpoints and login attempts. Prevents brute-force attacks and API abuse automatically.

GDPR by Design

Built-in consent management, right to erasure, data export, and retention policies. The Recruitment agent includes full GDPR compliance for candidate data.