Trust Center

Security and privacy,built in from day one.

TiJUBU handles your organisation's most sensitive people data. Here's exactly how we protect it.

Compliance & Certifications

We build toward the highest standard of trust — starting with live SSO today, and earning every certification ahead.

SSOLive

SSO / SAML 2.0

OAuth 2.0 & SAML 2.0 live in production across all accounts.

GDPRLive

GDPR

EU General Data Protection Regulation compliance.

SOC2In Progress

SOC 2 Type II

Security, availability and confidentiality audit.

ISO 27001In Progress

ISO 27001

Information security management system standard.

EU AI ActIn Progress

EU AI Act

EU Artificial Intelligence Act compliance framework.

Security Practices

From encryption to incident response — every layer of our stack is hardened against the threats that matter most for people data.

End-to-End Encryption

AES-256 at rest. TLS 1.3 in transit. No plain-text storage of sensitive employee data at any layer.

SSO & MFA

OAuth 2.0 and SAML 2.0 live. Multi-factor authentication supported and strongly recommended for all accounts.

Role-Based Access Control

Least-privilege by design. Granular permission scopes for admin, manager and employee roles.

24 / 7 Monitoring

Real-time SIEM alerting. Anomaly detection across all application ingress and egress points.

Penetration Testing

Annual third-party pen tests against production and corporate networks. All findings SLA-bound.

Incident Response

Defined response protocol with customer notification obligations. Tiered escalation and remediation SLAs.

Data Privacy

Your employees' data is not your product to sell, and it is certainly not ours.

GDPR Alignment

Data minimisation, purpose limitation and informed consent are built into our core data model. Full GDPR compliance is actively in progress.

Data Processing Agreement

A pre-signed DPA is available on request, covering audit rights, deletion terms and sub-processor disclosure obligations.

EU Data Residency

All customer data is processed and stored within the EU. We do not transfer personal data outside the EEA without appropriate safeguards.

Sub-Processor Transparency

A current list of all sub-processors is available on request. Customers receive advance notice of any material changes.

In ProgressEU AI Act compliance in progress

AI Governance

AI in TiJUBU is opt-in, fully auditable, and never trained on your data.

We never train on your data

Customer data is never used to train AI models — ours or third-party. Your people's data remains entirely yours, always.

EU AI Act Alignment

TiJUBU is implementing controls aligned with the EU AI Act: transparency, human oversight, and risk classification in progress.

Role-Based AI Permissions

Admins control which AI features are enabled, which roles can access them, and what data each feature is permitted to reference.

Full AI Audit Logs

Every AI-assisted interaction is logged with timestamps, input scope and model version — complete auditability across the platform.

Infrastructure

Built on battle-tested cloud infrastructure, monitored around the clock.

Cloud ProviderAWS — EU Region (Frankfurt)

Uptime Target99.9% SLA

BackupsDaily automated + point-in-time recovery

FailoverAuto-failover for business continuity

Infrastructure AccessMFA required. Quarterly access reviews.

HardeningIndustry best-practice baseline configurations

Documents & Contact

Need a report, an agreement, or have a security question? We respond to all security enquiries within one business day.

SOC 2 Report

Request our SOC 2 Type II report once available. Currently in progress — contact us to be notified.

Request Report

Data Processing Agreement

Request our pre-signed DPA covering your GDPR obligations, sub-processor disclosure and audit rights.

Request DPA

Security Contact

Vulnerability disclosures, security questionnaires, or due diligence enquiries responded to within one business day.

Contact Security

All security enquiries: security@tijubu.com