Here at Happy Job, we are scrupulous about the security of our users’ data. Our data protection programs comply with the ISO 27001 global security standard and the European Union General Data Protection Regulation (GDPR).

We are open to interaction with customer-based information security services to ensure access, add happy-job.eu to the Allow List, enable firewall, etc. to successfully conduct polls.

ISO 27001

The Happy Job platform is developed with the ISO 27001 standard in mind:

  • We systematically conduct information security risk assessments for threats and vulnerabilities.
  • We have a comprehensive set of tools to manage the security of personal and other data.
  • We have developed a management process ensuring that information security management tools always comply with ISO 27001 requirements.

GDPR

The General Data Protection Regulation (GDPR) is a new data protection regulation that was put into effect in the European Union on May 25, 2018. Its goal is to provide EU citizens with more control over how the organisations collect and process their data.

Happy Job's Privacy Policy complies with the new EU GDPR data collection, processing and storage requirements. Our Policy includes user rights - the Right to be Forgotten and the Right to Access - and clearly explains all stages of collected data handling in the Data Protection Agreement (DPA).

Security of the equipment used

Happy Job's IT infrastructure allows for conducting large-scale corporate surveys: we can survey over 250,000 respondents at a time. The platform servers are located in the European Union and have a full set of Tier III certificates, including Tier III - Gold Certification of Operational Sustainability.

Dedicated teams led by a security supervisor ensure the safety of Happy Job's processes.

Data Security

We always encrypt our users' data in transit using Transport Layer Security 1.2 (TLS) with an industry-standard AES-256 cipher.

Database backups are performed with high frequency and are also encrypted at rest. All database user operations are logged and audited every month.

We use the CQRS principle, as well as the principle of customers' company names codification.

Access control

At Happy Job, only several senior production support team members have access to customer data. We use MFA and VPN to ensure secure access.

All files are encrypted and transmitted through specific channels. Production data (including feedback content, group names, company names, etc.) never leaves the production environment without complete anonymity.

Vulnerability management

We regularly check our software for vulnerabilities and at times invite third-party experts and auditors.

Incident response

Our security incident response team is always ready to process any incident. In case the Happy Job information security program is breached or compromised, our customers will be notified within 48 hours.