Security & Compliance

Yes. Prepzo is SOC 2 Type II certified, meaning our security controls have been audited and verified by independent auditors. We undergo annual re-certification to maintain this standard.

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Data is stored in secure cloud infrastructure with geographic redundancy. Access is strictly controlled through role-based permissions.

Yes. Prepzo supports GDPR requirements including: data subject access requests, right to erasure, data portability, consent management, and data processing agreements. EU data can be stored in EU regions.

Yes. Scale plan and above includes SSO support via SAML 2.0 and OAuth. We integrate with Okta, Azure AD, Google Workspace, and other identity providers.

Every action in Prepzo is logged: who did what, when, and from where. Admins can review audit logs to track candidate data access, profile changes, login events, and permission modifications.

Assign team members roles (Admin, Hiring Manager, Recruiter, Viewer) with predefined permissions. Create custom roles for specific needs. Restrict access to specific jobs for confidential hiring.

Yes. Sensitive fields like salary expectations can be restricted to specific roles. You can also enable two-factor authentication for all users and require SSO for enhanced security.

Deleted candidate data is soft-deleted first (recoverable for 30 days), then permanently purged from all systems including backups. You can request immediate hard deletion for GDPR compliance.