Skip to main content
SourceIQ
Security & Compliance

Enterprise-Grade Security for Indian Recruitment

Candidate data is personal data. We built DPDP compliance, encryption, and tenant isolation into the foundation — not as an afterthought.

Security at every layer

Encryption Everywhere

TLS 1.3 in transit. AES-256 at rest. CSRF encryption keys. Bcrypt password hashing. Every layer protected.

Row-Level Security

PostgreSQL RLS ensures Client A cannot see Client B's data. Every query is tenant-scoped at the database level — not just the application.

Complete Audit Trails

Every action logged: who accessed what, when, and from where. Audit logs are immutable and retained for compliance review.

Consent Management

DPDP-compliant consent capture at every data entry point. Candidates can view, modify, and withdraw consent at any time.

Infrastructure Security

Nginx with HSTS, CSP, and rate limiting. PM2 process isolation. Redis with AOF persistence and memory limits. Automated backups.

Indian Data Residency

Your data is processed and stored on servers accessible from India. We commit to keeping Indian candidate data within compliant jurisdictions.

DPDP Act 2023 Compliance

India's Digital Personal Data Protection Act mandates strict requirements for processing candidate PII. SourceIQ is built to meet every requirement. Penalties for non-compliance reach ₹250 crore.

Requirement
Status
Details
Consent before processing
Implemented
Consent captured at application, enrichment, and import touchpoints
Right to erasure
Implemented
7-day response guarantee with 48-hour advance notice before deletion
Data portability / export
Implemented
Full candidate data export in structured format on request
Breach notification
Implemented
72-hour notification process to Data Protection Board with audit trail
Grievance officer designation
Implemented
Designated officer for DPDP-related queries and complaints
Cross-border data flow
Documented
Data flow documentation for all third-party data processors
Data Processing Agreements
In progress
DPAs with all third-party data processors being formalized
Data Residency

Indian data stays in India

SourceIQ processes and stores candidate data on infrastructure accessible from India. We maintain documentation of all cross-border data flows and third-party processor agreements as required by the DPDP Act.

Questions about security?

Our team is happy to walk through our security architecture and compliance posture.

Contact Us

Have questions? Chat with us on WhatsApp!