JobAdder Trust Center

You own and control your data. We protect and defend it.

Our commitment to recruitment agencies, staffing firms and talent acquisition teams

To be transparent about our operations, policies and technologies
To ensure the security, compliance and privacy of your data
To support and empower the privacy decisions of every single user

Information security certifications

We’re proud that JobAdder has achieved internationally recognised ISO 27001:2013 certification. This standard demonstrates JobAdder’s commitment to global best practice, having implemented a robust approach to protect your data. JobAdder is audited regularly to maintain the accreditation status.

You can view our certification here.

We use Amazon Web Services (AWS) as our host operating system in the cloud. Security and compliance is therefore a shared responsibility between AWS and JobAdder. We’re responsible for securing your data, while AWS is responsible for securing the infrastructure that hosts it. Amazon’s data center operations have been audited and certified under:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • Federal Information Security Management Act – Moderate
  • Sarbanes-Oxley (SOX)

Data centre locations

While JobAdder has global reach, your data is stored locally. Our data centres are hosted with AWS. AWS architecture ensures that data doesn’t migrate beyond a geographic boundary and complies with data regulations, including GDPR. Find out which data centre is relevant to your business on the map below.

High technical and physical security
Resilience to disasters and data loss
Energy efficiency and sustainability

Security controls

  • JobAdder uses Cloudflare for WAF (web application firewall) and DDoS (distributed denial-of-service) mitigations
  • AWS Network Load Balancer restricts access to only required ports/services
  • AWS security groups are utilised for network segmentation on a least access model
  • Application server operating systems hardened to provide only necessary ports, protocols, services and applications as part of the baseline standard build
  • CAIQ (Consensus Assessments Initiative Questionnaire) and pen-tests are available on request. To view JobAdder’s Penetration Test Policy, please click here
  • Web and application servers run on the latest version on a hardened Windows Server Linux AMI
  • Windows updates, hotfixes and service packs are applied promptly
  • Port blocking is set at the network setting level
  • RDP connection encryption level is set to high and only accessible via VPN connection
  • Unnecessary services are disabled
  • Windows Defender and Crowdstrike are enabled and set to be updated daily
  • Logs are shipped to New Relic for monitoring and alerting
  • For a full list of JobAdder’s Security FAQs, please click here
  • JobAdder is cloud-based to ensure data is securely encrypted and stored in AWS data centres 
  • Data can be restored from backup and regular backups take place nightly and weekly
  • In the case of any unforeseen incidents Disaster Recovery and Business Continuity Plans are in place, as part of our ISO27001 certification 
  • JobAdder utilises AWS multiple Availability Zones (AZ) to remain resilient in the face of most failure modes
  • JobAdder has two AZs in each region and tests are conducted regularly to ensure different disaster scenarios are mapped and planned for

Account security

JobAdder has a Multi-Factor Authentication (MFA) feature, which requires two proofs of identity (JobAdder password and authenticator app code on the user’s mobile) to grant access to your JobAdder account.

Single Sign-On (SSO) is available for increased security. JobAdder integrates with a third-party SaaS product, Auth0, which supports a range of enterprise authentication mechanisms, including OpenID Connect (OIDC) and Security Assertion Markup Language (SAML):

Other protocols offered by Auth0 are available if required, including:

  • Google Workspace
  • Microsoft Azure AD
  • ADFS
  • Active Directory/LDAP
  • PingFederate
Platform compliance

GDPR and privacy compliance

General Data Protection Regulation (GDPR) plays a significant part in recruitment when it comes to collecting, handling and sharing candidate data.

With respect to candidate and client information that is stored in the JobAdder system:

You are the data controller and hold the direct relationship with your clients and candidates. You retain ownership of the client and candidate records that you store within your JobAdder account.

JobAdder, as the data processor, acts on your instructions when processing the candidate and client information stored in your JobAdder account.

GDPR compliance

JobAdder has a number of features to support your GDPR compliance:

  • Data processing opt-in policy: GDPR-compliant opt-in functionality on Job Application forms, with customisable text and data processing policy link
  • Pending candidates: Candidates are held in a ‘pending’ state until prerequisite requirements are met (eg. send privacy notice)
  • Auto-delete pending candidates: Candidates that are still in a ‘pending’ state past the one-month grace period will be automatically deleted
  • Export records: Manually respond to subject access requests by exporting the candidate record
  • Candidate Portal: Automatically respond to subject access requests by sending candidates a link to their CareerUpdate profile
  • Email and SMS templates: Email and SMS templates can be configured to fulfil the rectification and right to erasure notification obligations

Read JobAdder’s GDPR Terms
Read JobAdder’s Privacy Policy

Subprocessors
JobAdder uses third-party subprocessors to assist in the service we provide. Read the full list of subprocessors here.

Performance

JobAdder is committed to providing high availability and is transparent with customers about this, which means you can visit our status page anytime to quickly see if the JobAdder platform, or any related services, are experiencing any degradation. You can also see our standard Service Level Agreement (SLA) here.

Discover the joy JobAdder can add to your job

  1. Easy and intuitive
  2. Award-winning local support
  3. No lock-in contracts