Information Security

Christophe Vantighem

We understand that the security of your data is critical. Our SaaS platform is built with robust information security measures designed to safeguard your sensitive information and ensure compliance with industry standards. Leveraging state-of-the-art encryption, secure access controls, and continuous monitoring, we maintain the highest levels of data protection. With ISO 27001-aligned practices, we prioritize transparency, trust, and the security of your business, so you can focus on growth while we keep your data safe.

Table of Contents

ISO 27001 Certification

We run an Information Security Management System according to the standard ISO 27001.

We are currently undergoing a certification process and our certification is planned by the end of 2024.

Cloud Hosting

Our infrastructure is hosted on AWS, which is ISO 27001 certified. You can view their certificate here.

Our servers are physically located in Frankfurt, Germany.

Our AWS infrastructure has been audited and optimized by Atomic Computing in accordance with the AWS Well-Architected Framework.

Penetration Testing

We conduct annual penetration testing by an independent Offensive Security Certified Professional (OSCP). You can view the latest completion report here.

Our customers also run regular manual and automatic penetration testing our software.
Please understand that we cannot share detailed penetration testing reports, as they are confidential information.

Data Protection

Our Information Management System covers risk management, access controls, and data encryption to align with GDPR‘s requirements for ensuring the security and privacy of personal data.

Legal requirements around data processing, consent, and individuals’ rights are covered by our Terms & Services (section PERSONAL DATA).

Subprocessors

Besides cloud hosting, we work with the following sub processors:

Supplier	What do they do for us	Notes
Hotjar	Recording of user sessions to analyze and improve the usability of our software	Deactivated on demand in the PRO version
Mistral AI	Enrich your skill catalog with generative AI	Deactivated on demand
Microsoft	Authentication with MS Entra ID for Single-Sign-On	Only when SSO is activated

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.