How we protect your data
Kixlogic handles sensitive hiring and compensation data. Security is built into every layer — not bolted on after the fact.
Encryption
All data is encrypted in transit and at rest.
- TLS 1.2+ for every connection between your browser and our API
- Encrypted database connections to Supabase Postgres
- Secrets stored in Cloudflare Workers — never in source code
Infrastructure
Hosted on modern cloud infrastructure with global edge delivery.
- Application frontend on Cloudflare Pages
- API runtime on Cloudflare Containers
- Database on Supabase Postgres (U.S.)
- Transactional email via Resend
Multi-Tenant Isolation
Every customer's data is logically separated.
- Tenant ID enforced on every database query
- Recruiters can only access their own tenant's applicants and jobs
- Super Admin access is platform-level only, with audit logging
Authentication & Access
Secure account access with role-based permissions.
- Email-and-password authentication with server-validated JWT sessions
- Role-based access: Admin, Recruiter, Hiring Manager, Read-only
- Password reset via secure one-time tokens
- Session invalidation on password change
Audit Logging
Administrative actions are logged for accountability.
- Stage changes, rejections, and offer actions recorded with user and timestamp
- Super Admin actions logged with IP address
- Activity log visible to tenant Admins in dashboard
Applicant Data
Candidate information is handled with care.
- EEO data compartmentalized from main application records
- Resume files stored securely and accessible only to authorized recruiters
- Data retained per our Privacy Policy — deleted 90 days after account termination