ISO 27001 certification
ISO 27001 certification and SOC 2 assurance report
ISO 27001
A copy of Recruitee’s ISO 27001 certification can be found here.
Recruitee’s ISO 27001 statement of applicability can be found here.
Scope of Recruitee’s ISO 27001 certificate: The secure development, operation and delivery of the following Tellent Software as a Service products/modules: Core human resources information system (also marketed under the brand name “KiwiHR”), performance management (also marketed under the brand name “Javelo”), applicant tracking system (also marketed under the brand name “Recruitee”) and any product/module that provides unified functionality between those products/modules.
SOC 2
A copy of Recruitee’s SOC 2 (SSAE 16/ISAE 3402 Type II) report can be shared on request.
Data center strategy
Security, availability, and operational efficiency are all cornerstone elements of Recruitee's data center strategy and ISO 27001 certification. Therefore, Recruitee uses some of the world’s leading providers for its main server infrastructure: Google Cloud Platform (Google) and Amazon Web Services (Amazon). All services provided by Google and Amazon have received multiple certifications:
ISO 27001, 27017 and 27018
SOC 1, 2 and 3
CSA STAR
The above certifications are the leading certifications for cloud hosting providers and data centers in terms of confidentiality, integrity, and availability of data. You can expect on-site security staff, camera systems, access control, regular security tests, high redundancy, and a lightning-fast global network that’s built to host the world’s most important websites. Google and Amazon allow us to benefit from some of the same technology that powers their own websites.
Recruitee has performed a risk analysis to understand the risks of your data being included in mass surveillance and being subject to warrants from non-EU governments. One of the measures that we have taken is that we strictly host data in the European Union. The following Amazon and Google locations are used by Recruitee:
Google’s data centers in Frankfurt and Berlin, Germany (europe-west3), used for our main infrastructure (e.g. database servers and web servers)
Amazon’s data centers in Frankfurt, Germany (eu-central-1), used for file hosting and for storage of encrypted backups
Amazon’s data centers in Ireland (eu-west-1), used solely for our video answers feature
Our choice of data centers makes Recruitee one of the leading partners for GDPR compliance in recruitment tech.
Wherever your data is stored, Recruitee makes sure that your data is always yours. We never sell candidate data or any other information you collect. Contact support to learn more about how to export your data.
GDPR
In addition to great data centers, our GDPR features can also help you solidify your GDPR compliance.