Workable takes information security seriously. We do this to protect your organization and the information of every candidate applying to work with you.
Our platform is robust and secure - however large or small your candidate database is, we’ve got the controls in place to securely manage your most valuable asset: Your candidates’ confidential data.
We thoroughly follow industry standards and our own best practices. Workable is ISO 27001:2013 certified, ISO 27017:2015 certified, and SOC 2 type 1 certified, which means we meet the highest worldwide security standards. We aim to be as clear and open as possible about our security measures.
Workable is a GDPR-compliant partner. Companies collecting and processing EU data can manage and maintain GDPR compliance using our tools and features.
- Your data is encrypted in transit using security best practices
- Your data is safe as we provide disaster recovery and incident management and response
- In addition to the security components provided by our top-level cloud providers (Google and AWS), we maintain a dedicated web application firewall and provide an additional level of security with single sign-on (SSO)
- We maintain extensive security logs which are analyzed for security events and abnormalities
- We invest in technical security assessments performed by 3rd-party audit experts
- We hold internal red teaming activities
- Our employees are continuously trained on privacy and security matters
Workable has taken many steps throughout the years to build its internal compliance but also align the product with Privacy Laws, such as the General Data Protection Regulation (GDPR and UK GDPR), the California Consumer Protection Act (CCPA), the California Privacy Rights Act (CPRA) and relevant decisions of supervisory authorities, to make sure it stays compliant but at the same time Workable offers a compliant product to its Customers.
Internally, Workable also takes measures to comply with the GDPR. We have appointed a Data Protection Officer and set up procedures to deal timely with data subjects’ requests. We maintain an updated record of all data processing activities and we have dedicated systems and processes in place to ensure compliance such as an Incident Management Process, a Retention and Disposal Policy, and a Business Continuity Process.
Find more details on Workable's security practices.