Security and Compliance

Data Rocks. We Make Sure It’s Safe.

Protecting data is at the top of our priority list. Our data security and privacy framework ensures secure business operations and guarantees that your and your customers’ information is safe.
  • Image 1
  • Image 2
  • Image 3
  • Image 4

Peace Of Mind

Our Security and Data Privacy Framework

Delivering stellar experiences isn’t possible without data. Here’s a snapshot of how we make sure your data is secured and protected.

Certifications, Standards, and Regulations

Joveo maintains the necessary industry-standard certifications and compliances. Our goal is to ensure the highest level of data security and privacy for our employees, customers, and partners.

Certifications

SOC 2 Type 2: This is an independent assessment of our internal control environment, which reports on our controls system and its suitability with respect to protecting customer data. The SOC 2 Type 2 report is based on the American Institute of Certified Public Accountants’s (AICPA) Trust Services Criteria and is issued annually.

ISO 27001: This internationally recognized standards-based approach to security demonstrates our commitment to security. Joveo has been continually ISO 27001-certified since August 03, 2023.

Adherence to Standards

GDPR: Joveo’s products are in full compliance with General Data Protection Regulation (GDPR), a European Union regulation on information privacy in the European Union and the European Economic Area.

CCPA: We are compliant with the California Consumer Privacy Act (CCPA), intended to enhance privacy rights and the protection of Personal Information and extend the same level of protection to all those in the US.

Data security is as important to us as it is to you. If you would like to view our security and compliance certifications, please let us know and we’ll be in touch shortly.

Processes:

We ensure adequate control over all data we process, based on adherence to multiple international standards. This includes mechanisms such as encryption at rest and in transit, access control, data retention, anonymization, etc. We also maintain a record of processing activities (ROPA) for all data stored in our system.

Training:

Our teams are trained to understand all vital aspects of security, including auditing, vulnerability tracking and resolution, secure coding practices, and data security, among others.

Monitoring:

Monitoring tools assist our team in identifying and addressing sensitive events, 24/7/365. Among others, we use AWS GuardDuty, ZAP, Prowler, and kube-bench.

Auditing:

We regularly conduct internal and third-party audits to ensure that our security policy and procedures are maintained and updated, as required.

Penetration Testing:

We conduct penetration testing on an annual basis, to ensure our clients’ data is secured against external threats.

Ready to Optimize Those Job Titles and Attract Top-Notch Talent? Check out Our Free, Ungated Job Title Optimizer! | → Try It Now!

X