As a company committed to transparency, we have summarized our security practices for you to stay informed about our procedures. If you have any additional questions, we would be happy to answer them — feel free to contact us at firstname.lastname@example.org.
At HR Partner, we are dedicated to protecting your data. We adhere to industry best practices in security, and our servers are hosted with a leading HIPAA-compliant cloud provider.
Our servers are hosted by one of the world's leading cloud hosting providers, trusted by leading Fortune 500 companies. As a leader in the industry, our hosting provider is trusted by over a million active customers and is a model in security best practices.
HR Partner's data center host is compliant with:
All data is secure with server-side encryption (AES-256) behind a firewall. Data is encrypted at rest and in transit.
Your payment and billing information is stored by a secure, PCI-compliant provider. We never store your payment information on our servers.
We backup your data daily, and therefore it is possible for data to be restored quickly and efficiently.
All user passwords are salted, hashed, and encrypted in transit.
To monitor various app libraries used in HR Partner, we have systems that continuously monitor and look out for potential vulnerabilities.
HR Partner undergoes real-time monitoring to protect the application against DDoS attacks (SYN floods, UDP floods, ACK floods, reflection attacks).
We use a third party security vendor to monitor server uptime and processor loads to identify any unusual activity.
We honor customer requests regarding deletion of his/her account data, and handle these requests promptly.
In honor of GDPR, customers can request data exports by contacting customer support. We are happy to provide you with an export in a timely manner.
Only a select number of our staff have access to user accounts, and those that we hire with this level of access will always undergo background checks. Account access is only granted when you (the customer) consents to granting access (IE: If there is a customer support issue and you ask us to go in and help, we require your consent to do so).
In the case of a breach, we will notify you immediately of the full nature and scope, along with a timeline of planned solutions.
If you have questions about our security practices, we would be happy to discuss them with you. Please contact our team at email@example.com.