Security
Find all information about our security processes, server locations and best practises in place.
Data
Data collection
BuddiesHR will only collect the data needed for the operation of its apps.
Data encryption
We follow the OWASP best practices and encrypt data (both at rest and in transit).
Data storage
We do not store any data that we don’t need for our operations.
Data deletion
All data related to the Slack workspace are automatically deleted 12 months after any app is removed from the Slack workspace.
Servers location
AWS data center located in Paris, France (eu-west-3).
Data hosting country
France
Data hosting company
AWS
Security policies
Contact us to receive any of these security policies. (security@buddieshr.com)
- Acceptable Use Policy
- Access Control and Termination Policy
- Business Continuity and Disaster Recovery Plan
- Change Management Policy
- Code of Conduct
- Configuration and Asset Management Policy
- Data Classification Policy
- Data Retention and Disposal Policy
- Encryption and Key Management Policy
- Information Security Policy
- Internal Control Policy
- Network Security Policy
- Performance Review Policy
- Physical Security Policy
- Risk Assessment and Treatment Policy
- Secure Development Policy
- Security Incident Response Plan
- Vendor Management Policy
- Vulnerability and Patch Management Policy
Certifications
HIPAA
No
SOC2
No
The CTO of BuddiesHR has previously overseen SOC2 certification and continues to adhere to all SOC2 principles.
Security Questionnaire
$500, on-demand
Before starting any security review process, please make sure to test the apps you want to install using a test Slack workspace (it is free to create a Slack workspace and free to try BuddiesHR apps).
Useful links
Any question?
Contact us at security@buddieshr.com