Enterprise-Grade Security.
Worker data is sensitive. We treat it that way — with rigorous controls, strict access policies, and full compliance with Canadian privacy law.
Security Controls
Data Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256. No plaintext storage of sensitive worker documents.
Access Control
Role-based access limits data visibility to authorized personnel only. Every access event is logged and audited.
Secure Infrastructure
Hosted on SOC 2-certified cloud infrastructure with redundancy, automatic failover, and a 99.9% uptime SLA.
Privacy Compliance
Fully compliant with PIPEDA and applicable provincial privacy legislation governing personal information in Canada.
Audit Logging
Immutable audit logs capture every data access, modification, and deletion. Records are retained for a minimum of seven years.
Vulnerability Management
Regular penetration testing, dependency scanning, and security reviews keep the platform hardened against known threats.
Our Commitments
- PIPEDA compliant data handling
- SOC 2 Type II certified infrastructure
- AES-256 encryption at rest
- TLS 1.3 encryption in transit
- Annual third-party penetration testing
- 99.9% uptime SLA