Question 1

Are we SOC 2 compliant today?

Accepted Answer

Type II is in progress with completion targeted Q3 2026. We operate under Type I controls today and run continuous monitoring via Vanta. Full evidence pack available under NDA.

Question 2

How do you handle EU data residency?

Accepted Answer

EU workspaces are hosted in Frankfurt (eu-central-1). Data, backups, and admin tooling stay in-region. Customers can require EU-only model providers (Mistral) for sensitive workloads.

Question 3

What does enterprise migration look like?

Accepted Answer

Dedicated migration engineer. SSO and SCIM configured first. Bulk import from your ATS in flight while we wire up integrations. Median cutover under 24 hours, including parallel-run period and rollback plan.

Question 4

Do you have a DPA and customer-specific contracts?

Accepted Answer

Yes. Standard DPA aligned to GDPR Article 28 available immediately. Master Services Agreements, custom security addenda, and indemnification language are negotiated on Scale.

Built for scale. And for security teams.

Everything your security review needs.

Okta, Azure AD, Google

Granular permissions

EU and US regions

99.95% SLA on Scale

Every action logged

Real-time analytics

Questions from your security team.

For security teams.

There's Always Risk: Why Cybersecurity Is Everyone's Job

AI Recruitment Software Should Run Hiring, Not Just Track It

Agentic AI Rise: Transforming Recruitment After CES 2026

Ready for your security review.