Security at Bold Employ

Your data security and privacy are our top priorities. We implement industry-leading security practices to protect your recruiting data.

Data Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

SOC 2 Compliance

We maintain SOC 2 Type II certification with annual audits by independent third parties.

Multi-Factor Authentication

Optional MFA using authenticator apps, SMS, or security keys for enhanced account security.

Infrastructure Security

Hosted on AWS with redundancy, DDoS protection, and regular security patches.

Audit Logging

Comprehensive activity logs track all data access and modifications for security and compliance.

Regular Backups

Automated daily backups with point-in-time recovery and 30-day retention.

Access Controls

Granular role-based permissions ensure users only access data they need.

Penetration Testing

Regular security assessments by external security experts to identify vulnerabilities.

Compliance & Certifications

SOC 2 Type II

Annual third-party security audit

GDPR Compliant

EU data protection standards

CCPA Compliant

California consumer privacy

ISO 27001

Information security management

Our Security Practices

Data Protection

  • • Multi-tenant data isolation
  • • Row-level security (RLS)
  • • Automatic data anonymization
  • • Secure data deletion

Network Security

  • • DDoS protection via Cloudflare
  • • Web Application Firewall (WAF)
  • • API rate limiting
  • • Intrusion detection systems

Monitoring & Response

  • • 24/7 security monitoring
  • • Automated threat detection
  • • Incident response team
  • • Security alerts and notifications

Employee Security

  • • Background checks for staff
  • • Regular security training
  • • Principle of least privilege
  • • Secure development practices

Responsible Disclosure

We take security vulnerabilities seriously and appreciate the security research community's efforts to help keep Bold Employ secure. If you discover a security issue, please report it responsibly.

How to Report

Email security vulnerabilities to: security@boldemploy.com

Please include detailed steps to reproduce the issue and any relevant technical information. We typically respond within 24 hours and aim to resolve critical issues within 7 days.

Bug Bounty Program: We offer rewards for valid security vulnerabilities based on severity. Contact us for program details.