We understand that the security of your data is critical. Our SaaS platform is built with robust information security measures designed to safeguard your sensitive information and ensure compliance with industry standards. Leveraging state-of-the-art encryption, secure access controls, and continuous monitoring, we maintain the highest levels of data protection. With ISO 27001-aligned practices, we prioritize transparency, trust, and the security of your business, so you can focus on growth while we keep your data safe.
ISO 27001 Certification
We operate an Information Security Management System certified to the ISO 27001 standard, ensuring the highest level of data security and compliance.
Click here to view our certificate.
Cloud Hosting
Our infrastructure is hosted on AWS, which is ISO 27001 certified. You can view their certificate here.
Our servers are physically located in Frankfurt, Germany.
Our AWS infrastructure has been audited and optimized by Atomic Computing in accordance with the AWS Well-Architected Framework.
Penetration Testing
We conduct annual penetration testing by an independent Offensive Security Certified Professional (OSCP). You can view the latest completion report here.
Our customers also run regular manual and automatic penetration testing our software.
Please understand that we cannot share detailed penetration testing reports, as they are confidential information.
Data Protection
Our Information Management System covers risk management, access controls, and data encryption to align with GDPR‘s requirements for ensuring the security and privacy of personal data.
Legal requirements around data processing, consent, and individuals’ rights are covered by our Terms & Services (section PERSONAL DATA).
Subprocessors
Besides cloud hosting, we work with the following sub processors:
Supplier | What do they do for us | Notes |
Hotjar | Recording of user sessions to analyze and improve the usability of our software | Deactivated on demand in the PRO version |
Mistral AI | Enrich your skill catalog with generative AI | Deactivated on demand |
Microsoft | Authentication with MS Entra ID for Single-Sign-On | Only when SSO is activated |