TalentLyft is a robust and secure software application. The security and performance of TalentLyft are our number one priority and customers can use TalentLyft with confidence that we maintain the highest standards and best practices.
SSL & Encryption
All traffic between our clients and TalentLyft servers is encrypted through SSL.
Passwords
Passwords are stored hashed and never logged, stored or transmitted as plain text.
Access control
Only authorized TalentLyft employees are given access to the resources that are required for their role, following the principle of least privilege. Authentication to access these resources is always password-based and login credentials are always transmitted encrypted, over https.
As an additional step, TalentLyft offers the enabling of Two-Factor Authentication, for additional security purposes. More information on how to enable this can be found here.
Confidentiality
All employee contracts include a confidentiality agreement.
Will this platform be compatible with our security requirements?
Data security and infrastructure are an integral part of TalentLyft technology. We’re committed to ensuring all necessary security precautions are taken and we comply with the leading standards, security certifications and penetration testing available.
Credit card data
Credit card information is encrypted on the client using our payment gateway, Braintree. TalentLyft does not store Credit Card data. All credit card information is stored on Braintree which is is a validated Level 1 PCI DSS Compliant Service Provider.
Third-party providers
TalentLyft uses a limited number of third-party providers in US and in Europe to help to perform usage statistical analysis, customer support and technical operations and provide data hosting services. Our Sub-processors list can be find here.
What’s your uptime?
We guarantee 99.8% uptime, averaged over a month. You can check TalentLyft's uptime and our current status here: http://status.talentlyft.com
Server access and location
TalentLyft is deployed on Microsoft Azure (a cloud application platform used by organizations of all sizes to deploy and operate applications throughout the world).
Microsoft Azure makes security and privacy a priority at every step, from code development through incident response. Azure has more certification than any other cloud provider: ISO/IEC, CSA/CCM, ITAR, CJIS, HIPAA, IRS 1075.
The data is stored in EU (Ireland and Holland).
Scheduled Maintenance
We are continuously updating TalentLyft to provide an excellent product and experience for our users. Most updates take place with no downtime at all. In cases where some downtime is required we keep it to an absolute minimum, typically between 10 to 20 minutes.
For major undertakings where off-line maintenance is unavoidable (such as data center moves or hardware repairs), we ensure that any downtime is clearly scheduled and communicated. We will notify account holders of the maintenance window approximately 48 hours ahead of planned downtime, along with an additional reminder of the scheduled downtime within the hour.
You make decisions about your data
If you decide to leave us, you get a full copy of your database. Contact us, and we’ll provide you with all your data. Want to access your data via API? No problem, we have you covered. Visit https://developers.talentlyft.com for more information on how our API works.
Security questions?
If you think you may have found a security vulnerability, please get in touch with our security team at [email protected].