Services and data processed by eRecruiter are hosted in the Microsoft Azure cloud, which has security certificates confirming the security of data stored in the cloud:

For the purposes of cloud hosting, eRecruiter uses also service centers and service providers with certificates confirming the security of cloud data processing. More information about the certificates can be found below:

Amazon Web Services

Oktawave

All our servers are fully virtual, which eliminates vulnerability to technical failures affecting traditional physical servers. This solution enables us to restore full operability of our systems within a few minutes.

Access to the clients’ data is reserved exclusively to authorized employees who require such access to perform their professional duties. eRecruiter is based in 100% on secure HTTPS protocols.

All data sent to or from eRecruiter are encrypted with 256-bit encryption.

Our Application Programming Interfaces and application terminals use encryption based on SSL certificates. The implemented security measures have been rated “A” in the tests carried out by Qualys SSL Labs.

For the purposes of eRecruiter data transfer, we use Transport Layer Security (TLS), creating a secure tunnel protected with a 256-bit or longer encryption key.

We also encrypt data at rest using a standard AES encryption algorithm.

Every year, a recommended third-party company carries out grey-box penetration tests of the eRecruiter application. The most recent opinions can be downloaded below:

We employ external security tools to continuously scan the system for vulnerabilities and we are ready to react immediately whenever we find one.

eRecruiter implements the hazardous incident handling procedure and all employees are informed about its principles.

We develop eRecruiter in compliance with the standards set by OWASP (Open Web Application Security Project) — an international foundation whose goal is to improve the security of web applications.

The foundation publishes a set of good practices on designing and securing applications. We observe those practices when designing eRecruiter and all of its functionalities to ensure the highest possible security of our data.

OWASP does not issue any certificates. You can compare our security documents confirming that we follow the main security-improving design assumptions postulated by the foundation.

eRecruiter is supported by certain Data Processors processing personal data in accordance with Article 28 sec. 2 of the GDPR to ensure appropriate rendition of services.