Hosting and infrastructure
AWS Mumbai (ap-south-1) by default. Multi-availability-zone deployment. Encrypted backups. Disaster recovery target: RPO 24 hours, RTO 8 hours. Architecture diagram or schematic
AWS Mumbai (ap-south-1) by default. Multi-availability-zone deployment. Encrypted backups. Disaster recovery target: RPO 24 hours, RTO 8 hours. Architecture diagram or schematic
TLS 1.2+ in transit. AES-256 at rest. Database backups encrypted with the same standard. Encryption keys managed in AWS KMS
Role-based access on every customer workspace. SSO via SAML 2.0 and OIDC on Ultimate and Custom. SCIM provisioning on Custom. Internal access to customer data is logged, audited, and limited to a named set of engineers under formal procedures.
GDPR-aligned data processing. SOC 2 Type II in progress โ audit cycle running, results published when complete. ISO 27001 on the roadmap.
Available on request, signable before contract. PDF download.
Export, correction, deletion, and portability honored under GDPR Article 15โ20. Customer-controlled data export available in-product on every plan.
Responsible disclosure programme published. security@talenteaseai.com is monitored. We aim to acknowledge within 48 hours and remediate critical issues within 14 days.
A current list of subprocessors is published and updated whenever it changes. Customers are notified of material changes
Documented incident response procedure. Customer notification within 72 hours of a confirmed personal data breach, in line with GDPR.
Data Processing Addendum
Subprocessor list
Security overview one-pager
SOC 2 Type II report
For procurement reviews, security questionnaires, or specific compliance questions, email or use the contact form.