Autonomy Recruit handles sensitive candidate and company data. We take that responsibility seriously with enterprise-grade security at every layer.
Every piece of data that enters Autonomy Recruit is encrypted, isolated, and protected by multiple security layers.
All stored data is encrypted using AES-256-GCM, the same standard used by banks and government agencies.
All data moving between your browser, our servers, and third-party services is encrypted with TLS 1.3.
Autonomy Recruit runs on Render's enterprise cloud with automatic security patches and isolated containers.
Strict access controls ensure only authorized users see their own data. No cross-tenant data leakage.
Security isn't an afterthought at Autonomy Recruit. Every feature is built with security-first principles.
All database queries use parameterized statements. User input is never interpolated into SQL queries.
Passwords are hashed with bcrypt (10 rounds). Sessions are stored server-side with HttpOnly, Secure cookies.
Candidate data sent to AI models for screening is processed in real-time and never stored by the AI provider. We use OpenAI's enterprise API with data processing agreements in place. Your candidate profiles are not used to train AI models.
Autonomy Recruit aligns with industry security frameworks and data protection regulations.
Our security controls are aligned with SOC 2 Trust Services Criteria covering security, availability, and confidentiality. Infrastructure hosted on SOC 2 certified providers.
Full GDPR compliance for EU users. Data subject access requests, right to deletion, and data portability supported. Data processing agreements available on request.
California Consumer Privacy Act compliance for US users. Transparent data practices with opt-out mechanisms for data sharing.
Clear data retention policies. Candidate data can be deleted on request. Account data removed within 30 days of account closure.
We're happy to discuss our security practices in detail. Reach out to our team.