Learn more about HR Partner's high standard for security
As a company committed to transparency, we have summarized our security practices for you to stay informed about our procedures. If you have any additional questions, we would be happy to answer them — feel free to contact us at firstname.lastname@example.org.
At HR Partner, we are dedicated to protecting your data. We adhere to industry best practices in security, and our servers are hosted with a leading HIPAA-compliant cloud provider.
Secure Data Centers
Our servers are hosted by one of the world's leading cloud hosting providers, trusted by leading Fortune 500 companies. As a leader in the industry, our hosting provider is trusted by over a million active customers and is a model in security best practices.
HR Partner's data center host is compliant with:
- ISO 27001
- DoD SRG
- SOC 1, SOC 2 & SOC 3
- PCI DSS Level 1
All data is secure with server-side encryption (AES-256) behind a firewall. Data is encrypted at rest and in transit.
Your payment and billing information is stored by a secure, PCI-compliant provider. We never store your payment information on our servers.
Regular Data Backups
We backup your data daily, and therefore it is possible for data to be restored quickly and efficiently.
Password Salting & Hashing
All user passwords are salted, hashed, and encrypted in transit.
To monitor various app libraries used in HR Partner, we have systems that continuously monitor and look out for potential vulnerabilities.
DDoS Monitoring & Protection
HR Partner undergoes real-time monitoring to protect the application against DDoS attacks (SYN floods, UDP floods, ACK floods, reflection attacks).
Server Uptime & Processor Load Monitoring
We use a third party security vendor to monitor server uptime and processor loads to identify any unusual activity.
Deletion of Customer Data
We honor customer requests regarding deletion of his/her account data, and handle these requests promptly.
Return of Customer Data
In honor of GDPR, customers can request data exports by contacting customer support. We are happy to provide you with an export in a timely manner.
Only a select number of our staff have access to user accounts, and those that we hire with this level of access will always undergo background checks. Account access is only granted when you (the customer) consents to granting access (IE: If there is a customer support issue and you ask us to go in and help, we require your consent to do so).
In the case of a breach, we will notify you immediately of the full nature and scope, along with a timeline of planned solutions.
Security Vulnerability Reporting Policy
HR Partner currently has security expertise through our in-house team and domain expert consultants. We do not accept unsolicited security reports. If this situation changes in the future, we will update this policy here.
NOTE: We currently DO NOT have a bug bounty programme in place
Questions? Contact Us
If you have questions about our security practices, we would be happy to discuss them with you. Please contact our team at email@example.com.