JobsAday made it easy for you with our innovativeAI
Sign In / Sign Up

Security Policy

Effective Date: ___________

Operated by JobsAday, a product of ZAR Solutions

At JobsAday, the security of your data is our top priority. This Security Policy explains how we protect the information of all our users—Candidates, Employers, HR professionals, and HRMS portal users—and the measures we take to maintain the confidentiality, integrity, and availability of data.

1. Scope of the Security Policy

This Security Policy applies to:

  • Candidates / Job Seekers - Personal information, resumes, job applications, test scores, and account activity.
  • Employers / Recruiters - Company profiles, job postings, HR contact details, and messaging with candidates.
  • HR Professionals & Hiring Agencies - Employee records, payroll, attendance, leave, and communications.
  • HRMS Portal Users - Attendance logs, payroll data, check-in/check-out times, performance metrics, and internal messaging.

This policy applies to all data in transit, at rest, and during processing within the JobsAday platform and related systems.

2. Data Protection Measures

2.1 Encryption and Data Transmission

  • All sensitive data is transmitted using SSL/TLS encryption.
  • Data stored on servers is encrypted with AES-256 encryption, a global standard for securing sensitive information.
  • API communications and integrations (e.g., Slack, Zoom) use secure encrypted connections.

2.2 User Authentication and Access Control

  • Passwords must be updated every 2 months, and users are encouraged to enable multi-factor authentication (MFA).
  • Accounts inactive for 3 months may be suspended, and reactivation may require verification and applicable fees.
  • Access to personal and organizational data is granted only to authorized personnel on a need-to-know basis.
  • Administrator and internal access are audited regularly to prevent misuse or unauthorized activity.

2.3. Secure Coding and Application Security

  • JobsAday follows secure development lifecycle practices, including regular vulnerability scanning, penetration testing, and patching.
  • AI-powered tools (resume/offer letter generators) do not store sensitive credentials beyond necessary processing.
  • Applications are monitored for anomalous activities and security threats.

3. Monitoring, Threat Detection, and Incident Response

  • Continuous monitoring is performed for unauthorized access, account breaches, and suspicious activity.
  • Automated alerts notify the security team immediately ofpotential threats or anomalies.
  • Security logs are maintained for audit and forensic purposes.
  • In case of a breach, JobsAday follows a structured incident response plan, including:
    • Containment and mitigation
    • User notification (if applicable)
    • Forensic investigation
    • System improvements to prevent recurrence

4. Data Retention and Deletion

  • Active data is retained in accordance with the JobsAday Privacy Policy.
  • Accounts inactive for 3 months may be suspended; data of users inactive for 2 years may be permanently deleted.
  • Users can request data correction or deletion at any time via the portal or privacy@jobsaday.com.

5. Third-Party Services and Compliance

  • JobsAday uses trusted third-party services for cloud hosting, payments, and analytics, all compliant withSOC 2, ISO 27001, GDPR, HIPAA, CCPA, CPRA, and LGPD.
  • All third-party integrations are regularly audited for security compliance.
  • JobsAday is not responsible for breaches or security issues caused by third-party providers beyond our control.

6. Payment and Verification Security

  • Payments for premium services are processed through secure, authorized gateways only.
  • JobsAday never accepts payments via social media or personal accounts; any such request is fraudulent.
  • Payment verification may include identity checks to ensure secure handling of sensitive information.
  • Payment data is stored securely and encrypted in compliance with PCI DSS standards.

7. User Responsibilities

  • Users must keep passwords and OTPs confidential.
  • Avoid sharing account credentials or sensitive data outside the portal.
  • Report suspicious activity or potential fraud immediately to support@jobsaday.com.
  • Users are responsible for reviewing and validating AI-generated resumes or offer letters.

8. Marketing and Communication Security

  • Users may receive emails or notifications about platform updates, jobs, or promotional offers.
  • You may opt out at any time via account settings or email links.
  • JobsAday ensures data used for marketing is protected and compliant with global privacy standards.

9. Google Translate Disclaimer

  • JobsAday provides Google Translate to help global users understand policies.
  • We are not responsible for translation errors or misinterpretations.

10. Policy Updates

  • This Security Policy may be updated to reflect legal, technical, or operational changes.
  • All updates will be posted on this page with a new effective date.