Security and confidentiality

Access management

Access to your data is restricted. Only two parties have access. Firstly, users added by the customer. This means that you and your staff have access to your data only to the extent of the rights assigned internally.

In addition, access to your data is granted to authorized Flatchr personnel. Access rights are granted in accordance with the user's function, within the framework of a security policy. They are updated in the event of evolution or change of function and are organized around logical, physical or organizational measures. Flatchr staff therefore only have access to the information they need to do their jobs, and follow the principles of "least privilege" and "need to know".

Storage of my data

We take the security of your data very seriously. To guarantee this security, we store your data in our database hosted at CleverCloud. This database is ISO 27001 certified and complies with information security standards.

This database backup ensures rapid restoration of your data in the event of an incident.

Physical security

Our servers are hosted by Google Cloud Platform in secure data centers with advanced physical security measures, such as monitoring systems, strict access controls and regular backups. This ensures that your data is protected against physical threats such as intrusions and natural disasters.

Data encryption

All communications with the Flatchr application and between our servers are encrypted using the HTTPS standard (TLS 1.3 or later). Flatchr encrypts your data at rest using aes-xts block encryption.

Security testing

We regularly carry out in-depth security tests to identify and correct any vulnerabilities in our system. These tests include vulnerability scans, code audits and attack simulations to ensure the robustness of our platform.

Monitoring and threat detection

We constantly monitor our infrastructure for suspicious behavior or malicious activity. We use advanced detection tools and techniques to alert us to any intrusion attempt or abnormal activity.

Privacy policy

We respect your privacy and comply with all applicable data protection laws and regulations. Our privacy policy details how we collect, use and protect your personal data.

Personnel policy

We carry out systematic background checks on our staff and subcontractors, and have a strict confidentiality agreement in place to ensure the security of our subcontractors.

Data security awareness meetings are organized within Flatchr.
Flatchr has also drawn up a physical and environmental security policy to protect the information on our premises.

Data transfer

All your data is hosted in the European Union.
We only share your personal information with those third parties necessary to provide our services to you. We are committed to obtaining your consent prior to any data sharing, except where required by law.

To ensure that we respect the rights and freedoms of data subjects, we endeavour to process personal data within the European Economic Area, and to use service providers within the EEA who can guarantee the highest level of protection, security and functionality.

Data rights

Flatchr acts as a subcontractor for all your data. The Customer is solely responsible for the use of the Solution, the Platform, the Application, the Content and the job advertisements it publishes. The Customer shall be solely responsible for the publication of a job advert in violation of employment law for an illegal activity or one that does not comply with the laws and regulations in force. Here is an article around Flatchr and its compliance with the RGPD to help you in your steps.