Security
How Prepzo protects your hiring data with encryption, access controls, and audit trails.
Encryption
AES-256 at rest, TLS 1.3 in transit.
Role-Based Access
Control who sees what with granular permissions.
Audit Trail
Complete log of all actions and access.
SSO Integration
SAML 2.0 and OAuth with major providers.
Security Practices
Frequently Asked Questions
How is candidate data protected?
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Data is stored in secure cloud infrastructure with geographic redundancy. Access is strictly controlled through role-based permissions.
Does Prepzo support SSO?
Yes. SSO support via SAML 2.0 and OAuth is available on higher-tier plans. We integrate with Okta, Azure AD, Google Workspace, and other identity providers.
What is the audit trail?
Every action in Prepzo is logged: who did what, when, and from where. Admins can review audit logs to track candidate data access, profile changes, login events, and permission modifications.
How does role-based access work?
Assign team members roles (Admin, Hiring Manager, Recruiter, Viewer) with predefined permissions. Create custom roles for specific needs. Restrict access to specific jobs for confidential hiring.
Can I control who accesses sensitive data?
Yes. Sensitive fields like salary expectations can be restricted to specific roles. You can also enable two-factor authentication for all users and require SSO for enhanced security.
What happens to data when I delete it?
Deleted candidate data is soft-deleted first (recoverable for 30 days), then permanently purged from all systems including backups. You can request immediate hard deletion if needed.
How do you handle data privacy requests?
Prepzo provides tools to handle data access requests, export candidate data, and delete records. Admins can respond to privacy requests directly from the dashboard.