Security and Compliance

Our security and compliance measures
tick all the boxes

We support your need for data security and unbiased assessments

ISO-27001
2013

Information Security Management System (ISMS)

ISO 27017
2015

Information Security Management System (ISMS)

GDPR
2015

General Data Protection Regulation

EEOC
EEOC

Equal Employment Opportunity Commission

Powerful Product Security

Security-
by-design

We’ve used a security-first approach in our development process.

Read more

Password
Management

Only industry leading password and authentication policies meet our criteria.

Read more

Risk-
Management

We consistently monitor, control and record potential risks.

Read more

Cryptographic
Controls

Data is protected cryptographically at rest, in transit, and in process.

Read more

Incident
Management

Regular monitoring and recording of incidents with a dedicated e-mail ID for incident reporting.

Read more

Business
Continuity

AWS availability in three zones to ensure 99.99% uptime.

Read more

Infrastructure
Security

A combination of the Sqreen Application and perpetual diligence ensures industry-leading infrastructure security

Read more

Diligent Organizational Security

HR
and Training

Mandatory training and adherence to confidentiality and code of conduct.

Read more

Asset
Management

Transparent asset inventory, classification, movement and disposal.

Read more

Access
Management

Strict access control policy, based on role and requirement.

Read more

Data Protection: FAQs

Will you process my personal data for yourself or on behalf of another party?

We will only process your personal data if we have a lawful basis for doing so, which includes but is not limited to, the following: consent, contractual necessity, and our legitimate interests or the legitimate interest of others.

We do not share, rent, or sell your personal data to third parties unless you have granted us explicit permission to do so.

Yes, we handle your data securely using the following cryptographic measures:

  • At rest: Encrypted with the AES 256 Algorithm
  • In transit: Data transport is protected by TLS 1.2 with the RSA 2048-bit private key
  • In processing: Controlled access to data with two-factor authentication

Other than monitoring activities, within HackerEarth, nobody has access to customer data. Yes, there are different levels of access based on roles.

Yes, we maintain user activity logs.

Depending on the kind of service, we get data from both a data subject and from a Controller too.

We collect the following Personal Data about you:

  • Name (first name/last name/full name)
  • Title
  • Email ID (both personal and professional)

HackerEarth acts as a Data Processor only. The Data Controller may choose to collect additional details available in HackerEarth’s privacy policy.

Your data is retained with HackerEarth for as long as you have a HackerEarth account. You can request that we delete some or all of your Personal Data from our systems. While this will be done immediately, residual data may be saved in certain logs and this will be purged within a year of deleting your data.

To request that we erase your personal data, send us an email at support@hackerearth.com

Rest easy, we’ve got this

Request a demo