TalentLyft is a robust and secure software application. The security and performance of TalentLyft are our number one priority and customers can use TalentLyft with confidence that we maintain the highest standards and best practices.

All traffic between our clients and TalentLyft servers is encrypted through SSL.

Passwords are stored hashed and never logged, stored or transmitted as plain text.

Only authorized TalentLyft employees are given access to the resources that are required for their role, following the principle of least privilege. Authentication to access these resources is always password-based and login credentials are always transmitted encrypted, over https.
​
As an additional step, TalentLyft offers the enabling of Two-Factor Authentication, for additional security purposes. More information on how to enable this can be found here.

All employee contracts include a confidentiality agreement.

Data security and infrastructure are an integral part of TalentLyft technology. We’re committed to ensuring all necessary security precautions are taken and we comply with the leading standards, security certifications and penetration testing available.

Credit card information is encrypted on the client using our payment gateway, Braintree. TalentLyft does not store Credit Card data. All credit card information is stored on Braintree which is is a validated Level 1 PCI DSS Compliant Service Provider.

TalentLyft uses a limited number of third-party providers in US and in Europe to help to perform usage statistical analysis, customer support and technical operations and provide data hosting services. Our Sub-processors list can be find here.

We guarantee 99.8% uptime, averaged over a month. You can check TalentLyft's uptime and our current status here: http://status.talentlyft.com

TalentLyft is deployed on Microsoft Azure (a cloud application platform used by organizations of all sizes to deploy and operate applications throughout the world).

Microsoft Azure makes security and privacy a priority at every step, from code development through incident response. Azure has more certification than any other cloud provider: ISO/IEC, CSA/CCM, ITAR, CJIS, HIPAA, IRS 1075.

The data is stored in EU (Ireland and Holland).

We are continuously updating TalentLyft to provide an excellent product and experience for our users. Most updates take place with no downtime at all. In cases where some downtime is required we keep it to an absolute minimum, typically between 10 to 20 minutes.

For major undertakings where off-line maintenance is unavoidable (such as data center moves or hardware repairs), we ensure that any downtime is clearly scheduled and communicated. We will notify account holders of the maintenance window approximately 48 hours ahead of planned downtime, along with an additional reminder of the scheduled downtime within the hour.

If you decide to leave us, you get a full copy of your database. Contact us, and we’ll provide you with all your data. Want to access your data via API? No problem, we have you covered. Visit https://developers.talentlyft.com for more information on how our API works.

If you think you may have found a security vulnerability, please get in touch with our security team at [email protected].