Dedicated to a secure, compliant, and trustworthy talent experience
SOC 2
Eightfold has obtained a SOC 2 Type II assessment provided by independent third-party auditors.
SOC 3
Eightfold has a public SOC 3 report that provides an overview of our service organization controls. The report is available through this link.
ISO 27001
Eightfold is ISO 27001 certified by independent third-party auditors. The certificate is available through this link.
ISO 27701
Eightfold is ISO27701 certified by independent third-party auditors. The certificate is available through this link.
GDPR
Eightfold is compliant with European Union General Data Protection Regulations (GDPR) as applied to Eightfold, and supports customers’ own compliance programs through product features, integration, and configuration options, as required by our customers.
Eightfold complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
CCPA
Eightfold is compliant with the California Consumer Privacy Act (CCPA) as applied to Eightfold, and supports customers’ own compliance programs through product features, integration, and configuration options, as required by our customers.
OFCCP
Eightfold supports record keeping standards established by the Office of Federal Contract Compliance Programs (OFCCP) as required by our customers who are subject to OFCCP.
FedRAMP Ready
Eightfold has achieved the FedRAMP Ready certification as a moderate SaaS offering for our Amazon Web Services (AWS) GovCloud region as required by our public sector customers.
Cyber Essentials
Cyber Essentials is a UK government-backed scheme to help organizations protect against cyber-security threats by setting out baseline technical controls. See certificate of assurance here.
New York City Bias Audit
New York City Local Law 144 of 2022 regulates “automated employment decision tools.” Eightfold is providing this information to assist the public in understanding Eightfold’s matching model that produces a match score. Eightfold is providing this information regardless of whether the model is subject to this New York City law or not.
Responsible AI in Employment
Eightfold uses AI techniques and other methods that mitigate bias against any individual based on their protected class such as gender and race. Please review our whitepaper Responsible AI at Eightfold for more details. If you have questions regarding your application with an employer that uses Eightfold’s service, you may contact the employer directly or complete this form.
Data Access Control
Access to all corporate and customer data is granted based on principles of least privilege and need-to-know governed by role and individual user profiles.
Access Authentication
Eightfold supports SAML 2.0 and SSO integration. Application access is controlled by customer defined groups based on configurable permissions. Eightfold utilizes MFA, IAM and IdP to prevent unauthorized access to the systems and application.
Data Protection
Eightfold encrypts data at rest and in transit using AES 256-bit and TLS 1.2.
Physical Security
Eightfold uses AWS as its hosting provider.
Backup
Eightfold uses database replication and periodic snapshots to avoid customer data loss.
ADA & WCAG 2.1 AA
Eightfold follows the Web Content Accessibility Guidelines (WCAG) 2.1 AA standard as promulgated by the World Wide Web Consortium for design of all public-facing products. These designs allow users to operate Eightfold websites using assistive devices like a screen reader.