Client Security & Privacy
Our Commitment to Protecting Your Data
Nothing is more important than protecting your data. We take this responsibility very seriously, and that is why SpriggHR continually strives to be industry leaders in quality data security and privacy practices. By providing transparent and easy-to-follow outlines of our practices we aim to give you peace of mind that your data is being handled and managed with great care.
Request a Demo
256bit SSL encryption with HTTPS, & Transport Layer Security (TLS)
Double firewall protection
Frequent vulnerability scans
Dedicated hosting facility biometrically restricted & monitored 24/7
Quality assurance & OWASP Top 10 testing
Enforcement of security & privacy compliance
SpriggHR adheres to an extensive set of privacy and security policies. Our practices ensure we are compliant with Personal Information Protection and Electronic Documents Act (PIPEDA), The Digital Privacy Act, and Canada’s Anti-Spam Legislation (CASL). Practices are enforced with quarterly penetration audits and regular third-party due diligence assessments. Your information is further protected by Two-Factor Authentication at every login to our services.
Protecting sensitive information
SpriggHR takes many steps to secure your information at all times. All interactions with our software are protected by 256bit SSL encryption. As per industry best-practices, this encryption is in conjunction with HTTPS and Transport Layer Security (TLS). Outside attacks are further blocked by our double firewall setup, ensuring protection at the hosting and application level. Additionally, SpriggHR Inc. understands that protecting your data is an ongoing process - therefore to ensure continual protection we run frequent vulnerability scans and quarterly penetration tests for our Products & Services.
Web application development and security standard policies
All spriggHR software development follows strict and secure coding guidelines. Software releases are tested by our Quality Assurance and Security teams to ensure adherence to updated OWASP Top 10 security risk considerations, including input validation.
Securing physical and network access
SpriggHR servers are located at a dedicated hosting facility in Toronto, Canada. The hosting facility is monitored 24/7, and physical access to the network is biometrically restricted. At request, we can provide more information about the hosting facility, including certification documents.
General Data Protection Regulation (GDPR) is a new set of data protection and privacy regulations established by the European Commission. It aims to give Eurpoean residents control over their personal data and unify data privacy regulations in the Eurpoean Union. As part of our mission to provide industry leading data security, SpriggHR Inc. has aligned itself with these international regulations and has been GDPR compliant since GDPR’s implementation on May 25th, 2018.
Ready to learn more?
We would love to introduce you to Sprigg. Hit the “Request a Demo” button and we'll customize a demo just for you, lead by one of our senior HR professionals. We look forward to connecting!.
Request a Demo