Security & Trust
Employee data is sensitive. Here's how we protect it.
Canadian Data Residency
All data is stored in Canadian data centres. We do not transfer personal information outside of Canada.
Encryption at Rest & In Transit
All data is encrypted at rest using AES-256 and in transit using TLS 1.2+.
PIPEDA Compliant
Our data handling practices are designed to comply with Canada's Personal Information Protection and Electronic Documents Act.
Access Controls
Role-based access control ensures employees only see data relevant to their role. Admins have full audit logs.
SOC 2 (In Progress)
We are actively working toward SOC 2 Type II certification. We will publish our report upon completion.
Vulnerability Disclosure
Found a security issue? Please report it responsibly to hibiscushrmain@gmail.com. We aim to respond within 48 hours.
Security questions?
We're happy to answer questions about our security posture for enterprise evaluations.
hibiscushrmain@gmail.com