Security at Digger
Your candidates' data is sensitive. We treat it that way. Here's how we protect it.
EU-Only Data Hosting
All data is stored in EU data centers. No candidate data leaves the European Union, ever. We use industry-leading cloud providers with SOC 2 and ISO 27001 certifications.
Encryption Everywhere
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Database backups are encrypted. API communications use HTTPS exclusively.
Access Control
Role-based access control (RBAC) ensures team members only see what they need. All access is logged and auditable. Admin actions require multi-factor authentication.
GDPR by Design
Privacy isn't an afterthought. Data minimization, purpose limitation, and consent management are built into the core architecture. Candidates can request data export or deletion at any time.
Regular Audits
We conduct regular security assessments and penetration testing. Our infrastructure is continuously monitored for vulnerabilities and anomalies.
Incident Response
We have a documented incident response plan with defined escalation procedures. In the unlikely event of a breach, affected parties are notified within 72 hours per GDPR requirements.
Security questions?
If you have questions about our security practices or need documentation for your compliance review, we're happy to help.
hello@digger.hr