Reejig™ is committed to maintaining the trust of our customers. At the heart of this, is providing a robust compliance program that carefully considers data protection matters across our suite of services, including data submitted by customers to our services (‘Customer Data’).
Reejig’s™ Talent Intelligence Platform meets global standards for security and integrity, with verification from trusted third parties.
Reejig™ is delivered on a cloud platform that is SOC 2 Type I and SOC 2 Type II certified by third-party auditors.
Reejig™ employs several methods to ensure the maintenance of customer data and personal information, and to prevent unauthorised access.
Every customer’s data is stored separately and encrypted at rest.
Reejig™ uses secure protocols to connect with customer systems using Transport Layer Security 1.2 for HTTPS encryption, which is authenticated by AES-256 bit encryption.
The Reejig™ platform uses HTTPS by default, with all data encrypted in transit
In addition to encrypting API and web traffic, Reejig™ encrypts all internal traffic. All data at rest, from databases to file systems to caches, is encrypted using AES-256, managed through Amazon Web Services (AWS) Key Management Service.
Access to customer data is only provided to select employees to troubleshoot in the event of a customer issue that needs to be resolved. Arbitrary access is prohibited, and every access is logged.
Reejig™ uses database replication and periodic snapshots to avoid data loss. In case of a data loss, we can use replicas to quickly recover to a known previous state.
Reejig™ does not store any data on-premises. We use the secure data cloud for all data storage and processing, which complies with rigid security requirements.
To guard against incidents, Reejig™ has procedures in place to disallow external access to data at short notice. We also have strict logging in order to identify all access.
Reejig™ supports SAML-based provisioning Single Sign-On systems to leverage our customers authentication architecture, and also has an internal permissions-based account system.
Reejig™ conducts periodic third-party security assessments to verify security controls.
Reejig™ uses best-in-market third party systems to automatically assess applications for exposure, vulnerabilities, and deviations from best practices.