TalentShake Data Security Overview

At TalentShake, your data's security and privacy are our top priorities. We are committed to protecting your information through industry-leading practices and technologies. Here's how we keep your data safe, combining robust security measures with the flexibility and innovation you expect from a modern tech startup.

Our Security Standards

We prioritize security by implementing best-in-class practices to protect your data. Although we currently perform audits internally, our commitment to rigorous testing and continuous improvement remains steadfast.

  • Encryption at Rest and in Transit: We use AES-256 encryption for stored data and SSL/TLS for data in transit, ensuring constant encryption and preventing unauthorized access.
  • Regular Security Audits: We conduct thorough internal security audits and penetration tests to identify and fix vulnerabilities.
  • Access Control: Role-based access control (RBAC) ensures data access is restricted to authorized personnel only.
  • Backup and Recovery: Regular backups and tested recovery procedures ensure data availability and security.

Hosting Infrastructure

Our application is hosted with leading cloud service providers known for their robust security measures. Our hosting and database infrastructures are separated for enhanced security. Here are some of the providers we use:

Provider | Encryption | Backup and Recovery | Access Control
DigitalOcean | AES-256 at rest | Daily backups | Whitelisted IPs, closed private network
Amazon Web Services (AWS) | AES-256 at rest, AWS KMS, TDE | Backup and recovery options | Role-based access, IAM policies
Microsoft Azure | TDE, TLS 1.2+ | Geo-redundant storage (GRS) | Role-based access, Azure AD

Database Security

Our PostgreSQL databases are secured to ensure data integrity and confidentiality. We utilize the following providers to ensure your data is protected:

Provider | Encryption at Rest | Encryption in Transit | Backup Encryption | Access Control
DigitalOcean | AES-256, LUKS | SSL/TLS | RSA key-encryption key-pairs, AES-256 in CTR mode with HMAC-SHA256 | Whitelisted IPs, private network
Amazon Web Services (AWS) | AES-256, TDE | SSL/TLS | RSA key-encryption key-pairs, AES-256 in CTR mode with HMAC-SHA256 | IAM roles, security groups
Microsoft Azure | AES-256, TDE | SSL/TLS | RSA key-encryption key-pairs, AES-256 in CTR mode with HMAC-SHA256 | Azure AD, network security groups

Third-Party Integration

We adhere to stringent security protocols when leveraging third-party APIs. Here are the trusted third-party providers we use:

Provider | Data at Rest Encryption | Data in Transit Encryption | Compliance | Data Handling
OpenAI | AES-256 | TLS 1.2+ | SOC 2 | No training on customer data, secure deletion options
Mistral | AES-256 | TLS 1.2 | ISO 27001, SOC 2 | No training on customer data without consent
Anthropic | AES-256 | TLS 1.2 | SOC 2 | No training on customer data, secure deletion options

Customer Policy Documents Storage

We securely store our customers' policy documents using trusted third-party services. Here are examples of the providers we use:

Provider | Data Encryption | Compliance | Data Handling
OpenAI | AES-256 at rest, TLS 1.2+ | SOC 2 Type 2, GDPR | No model training on stored data, secure deletion options
ChromaDB | AES-256 at rest, TLS | Stringent security standards | No model training on stored data, backup retention policies

Data stored in the vector store is not used to train models and can be securely deleted upon request. Typically, documents are retained in backups for 30 days before they are permanently deleted, to ensure compliance with data recovery policies.

Email Server Integration

Our app securely handles email communication, ensuring your emails are protected through industry-standard protocols:

Protocol | Security Features
IMAP | SSL/TLS for secure access
SMTP | STARTTLS for encryption

For an additional layer of security, customers can add our server IP to the SPF and DKIM records.

Additional Security Practices

  1. Regular Updates: Servers and applications are regularly updated and patched.
  2. Access Control: Database access is restricted to trusted sources and necessary personnel using RBAC.
  3. Backup and Recovery: Regular backups and recovery tests ensure data availability.
  4. API Security: API keys are securely stored and monitored.
  5. User Education: Clients are educated on best security practices with comprehensive documentation.

Compliance and Audits

  • Internal Audits: We conduct thorough internal security audits and vulnerability assessments to ensure compliance with industry regulations and maintain high security standards.