IT Security and Compliance

At PeoplePath, we are fully committed to ensuring information security and compliance with global privacy regulations.

man with headphones sitting at laptop

Information Security

At PeoplePath, a comprehensive Information Security Management System (ISMS) governs the security controls we have in place to protect the information of our clients and their talents and users.

ISO 27001 Certified

Since 2013, our ISMS has been certified and recertified according to the ISO 27001 standard.

Download our latest certificate here.

For an information package about our ISMS:

  • We operate in secure data centers only, Amazon Web Services in the US and Ireland, and Plus Server in Germany, using firewalls, encryption, and other technologies to protect customer data.
  • For disaster recovery, we operate separate backup locations.
  • We perform third party reviews & audits of our Information Security Management System (ISMS) on an annual basis.
  • Third party specialists perform annual penetration tests to identify and remedy potential technical vulnerabilities.
  • We adhere to strict role segregation so that only PeoplePath employees who need to access your data are able to view it.

Data Protection and Privacy

Managing the data and rights of talents under global privacy regulations such as the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) is essential. Your customer success team will help you implement PeoplePath in a GDPR and CCPA compliant way, leveraging the following capabilities:

icon user roles

Rights & Roles

Privileges for viewing and editing profiles and content, as well as using features can be assigned and revoked individually. The assignment can be automated, e.g. based on profile criteria or user action and inaction.

icon settings with shield

Privacy Controls

Users have full control over which data they share with whom. Privacy settings can be adjusted in a user friendly way on the level of profile field sections. Additional privacy control layers are available for administrators.

icon process

Business Automation

PeoplePath provides a powerful workflow engine consisting of time or action based triggers, conditions, and actions that can be used to automate the compliance process.

icon screen with email send

Notification Options

PeoplePath allows talents to adjust their email preferences by type of communication or unsubscribe from all emails.

icon handshake

Consent Management

PeoplePath has a comprehensive consent management module that supports compliance with the control and transparency stipulations of GDPR and CCPA.

icon dashboard

Reporting

PeoplePath provides administrators with the ability to see and export the data stored for talents, allowing them to meet the right of individuals under GDPR to see what information is stored about them.

Let's get started!

Contact us today to learn more about how to build lifelong relationships with your talent.

two business men talking