1. Tenant isolation
Every agency's data is strictly isolated. Access is scoped to a single tenant at the database level, so one Customer can never see another's candidates — even in the event of an application bug.
2. Encryption
Data is encrypted in transit (TLS 1.2+) and at rest. Secrets and credentials are stored in a managed secrets vault, never in source code.
3. Access control
- Role-based access (admin, recruiter, viewer) inside each workspace.
- Least-privilege access for our own systems and personnel.
- Optional two-factor authentication for accounts.
- An audit log of sensitive actions for every workspace.
4. AI data handling
Résumé parsing and search use vetted AI providers under data-processing agreements. We don't train shared models on your proprietary candidate data, and we use no-retention processing where available.
5. Infrastructure
TalScout runs on reputable cloud infrastructure with automated backups, point-in-time recovery, and monitoring. File uploads are stored in access-controlled object storage and served via short-lived signed URLs.
6. Responsible disclosure
Found a vulnerability? We appreciate responsible disclosure. Email security@talscout.aiand we'll respond promptly. Please don't access data that isn't yours while testing.
7. Compliance
We design to align with GDPR/CCPA obligations for personal data and support Customers with data-subject requests, exports, and deletion. Our Privacy Policy covers how we process personal data.
This document is a product template for TalScout and is provided for informational purposes only — it is not legal advice. Questions? Email legal@talscout.ai.