Security
Your data security, Our commitement.

We would like to make two things clear. First, we respect your privacy and take significant efforts to protect all your data. Second, we would never do anything with your data that we wouldn't be proud to tell the world about. Keeping our customers' data secure is the most important thing that Ceipal does. We go to considerable lengths to ensure that all data sent to Ceipal and it's servers is handled securely - keeping your data secure is fundamental to our business. As you continue to learn more about Ceipal we recommend you also review our Privacy Policy.

SOC 2 Type II Compliant

SOC 2 Type II Compliant

IP Restriction

Implementing IP restriction ensures better security. Users can be tagged to specific IPs and can only access the application from that IP. It is a robust approach to implementing security and avoid access to the application from unauthorized locations.

OTP (One Time Password)

One-time password systems provide a mechanism for logging on to a network or service using a unique password which can only be used once. One-time passwords are a form of so-called strong authentication, providing much better protection systems containing sensitive data.

Strong authentication systems address the limitations of static passwords by incorporating an additional security credential, for example, a temporary one-time password (OTP), to protect network access and end-users' digital identities.

  • One-time passwords can be generated by users to provide access to the support team to address the queries of clients.
  • A Duplicate login will be created by the system for the support team to simultaneously access the account and assist the user without the user having to release any sensitive data.
  • The validity of the OTP generated by the user is 2 hours, post which the OTP will be rendered useless.
  • The OTP will be sent to support-th@ceipal.com to ensure additional security.
  • All correspondence is enabled with end-to-end encryption.
Data Encryption

All the sensitive data is securely encrypted in the database and decrypted only, while accessing the data by the authorized users through the application. We use industry standard encryption algorithms to keep the data safe and secure. Even the backups that are stored are encrypted as Google provides the encryption for the data at rest.

Google cloud infrastructure

Google develops and deploys infrastructure software using rigorous security practices. Their operations teams detect and respond to threats to the infrastructure from both insiders and external actors, 24/7/365.

PII Compliance (Personally Identifiable Information)

Ceipal de-identifies data wherever possible. Measures like anonymizing personally identifiable data. Ceipal additionally implements access controls wherever necessary and possible. Sensitive information is made accessible only to people who need it to do their jobs. Ceipal encrypts all sensitive information by default.

SOC2 Compliance (Instant Audit Report)

Ceipal has the distinction of being one of the first applicant tracking systems (ATS) to be SOC2 compliant, and one of the first software-as-a-service (SaaS) companies to utilise the SSAE 16/18 framework to provide security review. Ceipal undertakes an independent third party annual SOC2 audit that reviews certain of its internal controls and processes. The audit covers internal governance, production operations, change management, data backups, and software development processes. It evaluates that we have the appropriate controls and processes in place and that they are actively functioning appropriately in accordance with related standards.

The SOC2 program offers independent verification that our security practices offer a recognized standard of security measures. Furthermore, the program is designed to cover key elements of data processing and integrity, while maintaining auditing practices within our business and operational processes. As all customers are concerned with their data and its security, Ceipal has integrated its SOC controls into its operating procedures. These procedures span the organization, teams or functions that provide service or support to our clients on our platform. The key components of our SOC2 controls environment include:

  • Corporate Governance: how we provide oversight of our business and people
  • Change Management: how we make sure changes are tracked and properly reviewed
  • Access Control and Management: who has access to our platform operations and how this access is managed
  • Data Redundancy and Backup: how data is kept safe and stored in the event of adversity
  • Software Architecture and Development: oversight of the development effort around our platform
chat icon

Trusted by over 800 Happy Customers

See why thousands of HR professionals rely on CEIPAL to optimize and improve their Human Capital management process.