How does Traffit secure its clients’ data?

Your data security in Traffit

Written by Alicja Warczak
Updated over a month ago

GENERAL INFO

Data encryption: All passwords are hashed with Bcrypt (no plain text is stored).

Login security: TRAFFIT users can log in to the system using one of the following methods:

  • via login/password

  • with SSO

Available options for SSO:

  • Google account

  • LinkedIn account

  • SAML (activated on demand)

  • Auth0 (activated on demand)

Redundancy: API, database, and other key servers operate in clusters. That means that the failure of one element does not stop the work of the other elements.

Backups: Every 24 hours. We can roll back single pieces of data or the whole database.

Logs: Logs are stored for 30 days, then removed.

Server location: Dedicated servers on AWS - Amazon Web Services located in Europe (Frankfurt). AWS security details are available here.

CANDIDATES’ DATA

To keep you and your candidates’ data safe, we apply the following safeguards:

  1. The personal data are stored in separate instances (domains) on dedicated servers. That means that each client database is separate from the system files repository.

  2. Connections to our system are encrypted with the HTTPS protocol.

  3. The TRAFFIT system administrator can decide on the password security requirements in Settings --> General settings, specifically:

  • password change requirement (in days),

  • active session time (in minutes),

  • limit on wrong password attempts before the account is blocked.

  4. The TRAFFIT system administrator can block access to the system according to the office IP address and working hours.

  5. Recommended browsers:

  • Google Chrome

  • Mozilla Firefox

  • Safari

  • Microsoft Edge

API

CAREER PAGE INTEGRATION API

Career page integration API documentation is available here.

This API is public - no authentication is required.

INTEGRATION API

Integration API documentation is available here.

Requires authentication by OAuth token.

PAYMENTS

Payment for the system is possible by:

  • credit card attachment

  • bank transfer

The recurring credit card payment is secured by 3D-Secure verification.

AI

TRAFFIT uses OpenAI's ChatGPT 4.0. The use of AI has been implemented in 2 places in the system:

Recruitment job posts creation

AI proposes the content of recruitment job posts based on the job title, Hiring Managers' requirements, and company data - using the indicated tone of voice.

Recruitment reports analysis

AI analyzes the numbers visible in the recruitment reports in the system and compares them with publicly available benchmarks.


No personal or sensitive data is sent to AI.

Only recruitment data and statistical data are sent to AI.

GDPR (General Data Protection Regulation)

  1. All data is stored in EEA (European Economic Area) - Frankfurt, Germany.

  2. TRAFFIT users can add any type of consent to application forms, to be accepted by the candidates.

  3. All the candidates’ consents and their expiration dates are stored in the system.

  4. TRAFFIT users can remove and anonymize candidates’ data at any time.

  5. The visibility of candidates' data and some activities in the system (like data import, downloading candidates’ files, and removing candidates’ data) can be limited for specific permission groups.

  6. Personal data processing terms are included in TRAFFIT terms and conditions, point X.

  7. TRAFFIT's privacy policy is available here.

TRAFFIT TEAM

Only selected TRAFFIT employees have access to your data. Their access is personal and secure. The application is supervised by designated employees on duty:

- application log control

- application operation control

- infrastructure operation control

Each released version of TRAFFIT is tested by the QA team. Details of every new version are shared here after every release. The team has multiple environments (sandboxes) to test different scenarios.

TRAFFIT is regularly tested by external companies.

Access to the load balancer (only to selected ports) is the only access available from the public network. Every other access is available only from a private network.
