We respect your privacy and take significant efforts to protect all your data. We would never do anything with your data that we wouldn’t be proud to tell the world about and ensure all data sent to CEIPAL and its servers is handled securely.
All sensitive data is securely encrypted in the database and decrypted only if accessed by the authorized users through the application. We use industry standard encryption algorithms to keep the data (and data backups) safe and secure.
Personally Identifiable Information
CEIPAL de-identifies data wherever possible and implements access controls wherever necessary, with all sensitive information encrypted by default. Sensitive information is made accessible only to people who need it to do their job.
CEIPAL is one of the first applicant tracking systems (ATS) to be SOC2 compliant, and one of the first software-as-a-service (SaaS) companies to utilize the SSAE 16/18 framework to provide security review. We undergo an independent third party annual SOC2 audit that reviews certain internal controls and processes. The audit covers internal governance, production operations, change management, data backups, and software development processes. It evaluates that we have the appropriate controls and processes in place and that they are functioning appropriately in accordance to standards.
The SOC2 program offers independent verification that our practices offer a recognized standard of security measures. Furthermore, the program is designed to cover key elements of data processing and integrity while maintaining auditing practices within our business and operational processes. We have integrated SOC controls into all of CEIPAL’s operating procedures. These procedures span the organization, teams, and/or functions that provide service or support to our clients on our platform. The key components of our SOC2 controls environment include: