Enterprise-Grade Security

Your data is safe with us

Security isn't an afterthought—it's built into everything we do. From encryption to compliance, we protect what matters most.

In Progress

SOC 2 Type II

Audited controls for security, availability, and confidentiality.

Compliant

GDPR Compliant

Full compliance with the EU data protection regulation, with a DPA available.

Active

Data Encryption

AES-256 encryption at rest, TLS 1.3 in transit.

In Progress

ISO 27001

Information security management certification.

Security Architecture

End-to-End Encryption

All data is encrypted in transit using TLS 1.3 and at rest with AES-256. Your assessment data is never exposed in plain text.

Role-Based Access Control

Granular permissions ensure employees only see their own data, managers see their teams, and admins have org-wide visibility.

Tenant Isolation

Complete data separation between organizations. Each tenant operates in a logically isolated environment.

Audit Logging

Comprehensive audit trails track all data access and modifications. Export logs for compliance reviews.

SSO & MFA

Enterprise authentication with SAML 2.0, OIDC support, and mandatory multi-factor authentication.

Automated Backups

Daily encrypted backups with point-in-time recovery. Data retention policies configurable per organization.

Compliance & Privacy

Data Processing Agreements (DPA) available
Right to erasure (GDPR Article 17) supported
Data portability exports (CSV, JSON)
Breach notification within 72 hours
Regular penetration testing
Annual security audits
Employee background checks
Secure development lifecycle (SDLC)

Need a security questionnaire or have specific compliance requirements?

Contact our security team