We understand that the security of your data is critical. Our SaaS platform is built with robust information security measures designed to safeguard your sensitive information and ensure compliance with industry standards. Leveraging state-of-the-art encryption, secure access controls, and continuous monitoring, we maintain the highest levels of data protection. With ISO 27001-aligned practices, we prioritize transparency, trust, and the security of your business, so you can focus on growth while we keep your data safe.
Our infrastructure is hosted on AWS, which is ISO 27001 certified. You can view their certificate here.
Our servers are physically located in Frankfurt, Germany.
Our AWS infrastructure has been audited and optimized by Atomic Computing in accordance with the AWS Well-Architected Framework.
Penetration Testing
We conduct annual penetration testing by an independent Offensive Security Certified Professional (OSCP). You can view the latest completion report here.
Our customers also run regular manual and automatic penetration testing our software. Please understand that we cannot share detailed penetration testing reports, as they are confidential information.
Data Protection
Our Information Management System covers risk management, access controls, and data encryption to align with GDPR‘s requirements for ensuring the security and privacy of personal data.
Legal requirements around data processing, consent, and individuals’ rights are covered by our Terms & Services (section PERSONAL DATA).
Subprocessors
Besides cloud hosting, we work with the following sub processors:
Supplier
What do they do for us
Notes
Hotjar
Recording of user sessions to analyze and improve the usability of our software
Deactivated on demand in the PRO version
Mistral AI
Enrich your skill catalog with generative AI
Deactivated on demand
Microsoft
Authentication with MS Entra ID for Single-Sign-On
Only when SSO is activated
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
FunctionalAlways active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
