Security and Compliance

Our security and compliance measures
tick all the boxes

We support your need for data security and unbiased assessments

ISO 2013
2013
ISO 2015
2015
GDPR
GDPR
EEOC
EEOC
99.99% uptime
99.99% uptime

Product Security

Security-
by-design

We’ve used a security-first approach in our development process.

Learn more Arrow Icon

Password
Management

Only industry leading password and authentication policies meet our criteria.

Learn more Arrow Icon

Risk-
Management

We consistently monitor, control and record potential risks.

Learn more Arrow Icon

Cryptographic
Controls

Data is protected cryptographically at rest, in transit, and in process.

Learn more Arrow Icon

Incident
Management

Regular monitoring and recording of incidents with a dedicated e-mail ID for incident reporting.

Learn more Arrow Icon

Business
Continuity

AWS availability in three zones to ensure 99.99% uptime.

Learn more Arrow Icon

Infrastructure
Security

A combination of the screen application and perpetual diligence ensures industry-leading infrastructure security

Learn more Arrow Icon

Diligent Organizational Security

HR
and Training

Mandatory training and adherence to confidentiality and code of conduct.

Learn more Arrow Icon

Asset
Management

Transparent asset inventory, classification, movement and disposal.

Learn more Arrow Icon

Access
Management

Strict access control policy, based on role and requirement.

Learn more Arrow Icon

Data Protection: FAQs

Will you process my personal data for yourself or on behalf of another party?

We will only process your personal data if we have a lawful basis for doing so, which includes but is not limited to, the following: consent, contractual necessity, and our legitimate interests or the legitimate interest of others.

We do not share, rent, or sell your personal data to third parties unless you have granted us explicit permission to do so.

Yes, we handle your data securely using the following cryptographic measures:

  • At rest: Encrypted with the AES 256 Algorithm
  • In transit: Data transport is protected by TLS 1.2 with the RSA 2048-bit private key
  • In processing: Controlled access to data with two-factor authentication

Other than monitoring activities, within HackerEarth, nobody has access to customer data. Yes, there are different levels of access based on roles.

Yes, we maintain user activity logs.

Depending on the kind of service, we get data from both a data subject and from a Controller too.

We collect the following Personal Data about you:

  • Name (first name/last name/full name)
  • Title
  • Email ID (both personal and professional)

HackerEarth acts as a Data Processor only. The Data Controller may choose to collect additional details available in HackerEarth’s privacy policy.

Your data is retained with HackerEarth for as long as you have a HackerEarth account. You can request that we delete some or all of your Personal Data from our systems. While this will be done immediately, residual data may be saved in certain logs and this will be purged within a year of deleting your data.

To request that we erase your personal data, send us an email at support@hackerearth.com

Rest easy, we’ve got this

Request a demo