Introduction
At Talendary, information security, legal compliance, and data privacy are foundational priorities. We build privacy and security into our recruitment platform by design and by default, ensuring that our users and clients can use our services with confidence.
This article outlines our security measures, compliance certifications, and infrastructure setup to provide transparency and peace of mind for our users.
Security Certifications
Talendary’s security framework is aligned with leading industry standards to ensure robust data protection.
GDPR Compliance: Talendary is fully compliant with the EU General Data Protection Regulation (GDPR), ensuring responsible and transparent handling of user data. For additional details, please refer to the Talendary Data Processing Agreement here.
Emerging AI Security Standards: Talendary follows best practices from the developing ISO/IEC standards for AI management and security (such as ISO/IEC 42001), ensuring our AI systems are designed with robustness and safety in mind.
ISO 27001 Certification (coming soon): Talendary follows the guidelines of the ISO/IEC 27001 standard for information security management, which forms the basis of our security practices. Full certification is in progress.
SOC 2 Compliance (coming soon): Talendary adheres to SOC 2 principles, focusing on security, availability, processing integrity, confidentiality, and privacy. While full certification is planned as part of our future roadmap, we implement these principles to protect user data.
Third-Party Assessments and Testing
To maintain security resilience, Talendary conducts regular, independent testing and assessments:
Annual Penetration Testing: Conducted by independent third-party security experts, these tests help us identify and address any vulnerabilities, continually enhancing our security posture.
Sub-Processor Vetting: Talendary carefully selects sub-processors and ensures they meet rigorous security standards, including GDPR compliance. We aim for alignment with ISO 27001 and SOC 2 standards where feasible.
Infrastructure Resilience
Our infrastructure is designed for continuity and resilience to protect against disruptions and ensure uptime.
Disaster Recovery: Talendary’s disaster recovery plan is regularly tested and leverages industry-leading cloud infrastructure for redundancy and rapid recovery in the event of an incident.
Data Backup: Regular, automated backups are managed by trained personnel to ensure data integrity. Backups are anonymized within 30 days to safeguard user privacy.
Business Continuity: With highly digitized processes and SAML-based Federated SSO, our teams can operate securely from remote locations, minimizing potential downtime due to unforeseen events.
Data Access and Encryption
Talendary enforces strict access controls to safeguard user data at every stage.
Access Control: We follow the principle of least privilege and utilize role-based permissions, with multi-factor authentication (MFA) for highly confidential data access.
Data Encryption: Customer data is encrypted both in transit (using TLS 1.2) and at rest (using AES-256 encryption). We regularly review encryption standards and conduct periodic risk assessments.
Physical Security: Talendary partners with secure, certified data centers that offer 24/7 surveillance, biometric access control, and comprehensive physical security measures to protect core systems.
Operational and Personnel Security
Security awareness and proactive risk management are core to our operations.
Active Monitoring: We continuously monitor our IT infrastructure, using antivirus scanning, spam filtering, and security updates to safeguard against malicious code and threats.
Employee Training and Compliance: All Talendary employees undergo regular security training and acknowledge compliance with confidentiality and privacy policies.
Risk Management: Talendary regularly evaluates and updates its risk management policies, including periodic assessments and compliance checks to maintain an up-to-date risk profile.