
Access & Identity

Access Log Management

Logs are restricted using the principles of least privilege and are monitored for any tampering or deletion. Logs are aggregated into our Security Information and Event Management (SIEM) tooling with custom detection logic. Log review is performed in real time, and alerting and monitoring processes run on a 24x7 basis.

Data Access

TalentArbor internal systems access is restricted by stringent access control measures monitored and updated according to industry best practices on a regular basis.

Access to internal systems adheres to the principles of least privilege and separation of duties, is subject to quarterly review by administrators, is documented with clear rationales for provisioning and changes, and is revoked according to strict termination policies.

TalentArbor utilizes an in-house platform to enforce these requirements. This internal solution allows employees to request access to internal systems, and it documents access scope, approval owners, and temporal access limits.

Certification

ISO 27001:2013 Certification

ISO/IEC 27001:2013 is an international standard for Information Security Management Systems (ISMS). It provides a systematic approach to managing sensitive company information so that it remains secure, confidential, and available.

Rangam is an ISO 27001:2013 certified organization that strictly adheres to all established information security controls. We undergo annual third-party audits as well as regular internal audits to ensure ongoing compliance and continual improvement.

ECOVADIS

EcoVadis is a global sustainability ratings platform that evaluates the environmental, social, and ethical performance of companies. It's widely used in supply chain management to assess the Corporate Social Responsibility (CSR) practices of suppliers and partners.

Compliance

CCPA

TalentArbor is committed to protecting user privacy in accordance with the California Consumer Privacy Act (CCPA). We provide transparent data practices, including the right to access, delete, or opt out of the sale of personal information. Our privacy policy outlines how we collect, use, and safeguard personal data. Users can exercise their rights by contacting us directly, ensuring full compliance with CCPA requirements.

GDPR

TalentArbor complies with the General Data Protection Regulation (GDPR) to ensure the highest standards of data privacy and protection for individuals within the European Union. We uphold data subject rights, including access, rectification, deletion, and consent management. Personal data is handled lawfully, transparently, and securely across all our systems. Users can submit data-related requests directly to our privacy team for prompt handling.

Accessibility WCAG 2.1 AA

WCAG 2.1 AA (Web Content Accessibility Guidelines, version 2.1, conformance level AA) is the internationally recognized standard for making web content more accessible to people with disabilities. It was published by the W3C (World Wide Web Consortium).

Data Lifecycle

Data Backups

TalentArbor captures backups on a regular basis to ensure internal and customer data is protected from loss according to our Business Continuity and Disaster Recovery procedures.

Data Deletion / Data Retention

Data Retention: We retain personal and business data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable legal, regulatory, or contractual obligations. Retention periods are regularly reviewed to ensure compliance and data minimization.

Data Deletion: Users can request the deletion of their personal data by contacting us at privacy@rangam.com. Upon verification, data is securely deleted from our systems within 30 days, unless retention is required by law. All deletion processes follow secure industry standards to prevent unauthorized recovery.

Encryption-at-rest

All customer data is encrypted at-rest using AES-256. TalentArbor is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.

All data is encrypted at-rest (AES-256) and in-transit (TLS 1.2), following industry best practices.

Endpoint Protection

Disk Encryption

To protect the confidentiality and integrity of information stored on all employee endpoints, TalentArbor mandates full-disk encryption. Additionally, we continuously monitor endpoint security signals to promptly identify and investigate any anomalous activity.

DNS Filtering

To enhance endpoint security, TalentArbor implements DNS filtering mechanisms that block access to malicious web traffic. This preventive measure is complemented by regular monitoring.

Endpoint Detection & Response

All employee endpoints are managed and monitored using best-in-class solutions from trusted vendors. Endpoint security signals across corporate endpoints and cloud infrastructure are monitored regularly for anomalous activity.

We employ firewalls and network policies to monitor and control traffic across our infrastructure. These controls, combined with network segmentation and system hardening, ensure traffic is appropriately restricted, and all changes are authorized, tested, and reviewed.

TalentArbor network configurations are supported by documented justifications for allowed services, protocols, ports, and devices. Network configurations are also governed by strict change management processes.

Network & Infra

Status Monitoring

TalentArbor implements continuous infrastructure and application monitoring to ensure system reliability, performance, and security.

AWS

TalentArbor’s infrastructure is hosted on Amazon Web Services (AWS), leveraging its robust security, scalability, and compliance capabilities. Our environments are isolated by function (development, staging, production) to ensure data integrity and operational security. Data is encrypted at rest and in transit, and access is tightly controlled through AWS best practices. Continuous monitoring and backup strategies support high availability and business continuity.

BC/DR

We have a formal Business Continuity and Disaster Recovery plan, which is exercised, reviewed and approved annually. TalentArbor also conducts regular testing of critical services, backup systems and operational infrastructure to ensure business continuity requirements are met. Our risk assessment program and business impact analysis are scoped across the organization, reflecting our commitment to preparedness across business areas.

DMARC

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It's an email authentication protocol that helps protect your domain from being used in email spoofing, phishing scams, and other cybercrimes.

Firewall

A firewall is a security system (hardware, software, or both) that monitors and controls incoming and outgoing network traffic based on a set of security rules. Its main purpose is to establish a barrier between a trusted internal network and untrusted external networks (like the internet).

Product & Data Security

Audit Logging

TalentArbor maintains secure and tamper-resistant audit logs to track critical user actions, system events, and access activity. These logs support accountability, help detect unauthorized behavior, and aid in security investigations. Regular reviews and monitoring ensure timely response to potential threats, while log retention aligns with our compliance and governance policies.

Data Security

TalentArbor utilizes custom-built internal services to monitor customer data flows and help ensure that enterprise data does not enter into our logging or data warehousing pipelines. The TalentArbor privacy team is responsible for detection and remediation of flagged enterprise data events.

To logically separate customer data, TalentArbor enforces organizational sharding. By default, enterprise customer data is never combined across customers because organization ID logically separates data in our Azure storage solution.

In addition to enterprise data flywheel controls, organizational security controls are enforced through technical guardrails, internal policy, and annual training to set requirements for enterprise data protection.

Integrations

TalentArbor ensures that all product integrations are secure, reliable, and compliant with industry standards. We use encrypted channels, authenticated connections, and follow strict access controls to protect data shared with third-party systems. All integrations are reviewed for security risks and compliance with frameworks like ISO 27001 and SOC 2. This approach ensures seamless functionality without compromising on data privacy or integrity.