The security a large HR team would demand — on every plan, not just the enterprise one. Here’s exactly how TalentHRC protects your data.
Every company's data is fenced off in one place in the code (forCompany scoping). One client can never see across the wall to another's.
RLS is enabled on every table in Postgres itself — not just the app — so even a leaked key can't read your tables through the public API.
Contracts and IDs are never public. Files open only through short-lived, signed links, and only after an access check for the right user.
Who approved that leave, who changed that role, who downloaded that document, and when — recorded and exportable.
Export or permanently erase any individual's entire footprint on request, in a couple of clicks, to a GDPR-equivalent standard.
Each client signs in on their own subdomain. A user from one company simply cannot log into another's — the session is bound to the tenant.
The database and app run in EU regions, close to your team and your obligations.
Every connection is over TLS/HTTPS — between browser, app and database.
Your data lives in a managed, isolated Postgres instance with automated backups.
The app talks to the database through a scoped role; access is granted by role and company throughout.
TalentHRC is built to a GDPR-equivalent standard. You can export or permanently delete any individual’s data on request, access is scoped by role and company throughout, and a full audit trail records sensitive actions. A Data Processing Agreement is available on request.
Found something, or need our security details for a vendor review? Email us and we’ll get back to you quickly.
info@talenthrc.comSee it for yourself, or send this to whoever runs your vendor reviews.