RChilli ensures compliance with privacy regulations through a robust combination of certifications, secure architecture, and data handling practices. Here’s a comprehensive breakdown:
1. Security Certifications and Standards
RChilli is committed to data protection and adheres to the highest industry standards:
- ISO/IEC 27001:2022 – This international standard outlines the requirements for an effective Information Security Management System (ISMS), ensuring that RChilli handles sensitive data securely.
- SOC 2 Type 2 – Certifies RChilli's controls related to security, availability, processing integrity, confidentiality, and privacy.
- HIPAA – Indicates compliance for handling protected health information, applicable for clients in the healthcare recruiting domain.
- PCI DSS – Ensures secure handling of payment data where applicable.
2. Data Handling and Storage Practices
- Resume Parser API: Does not store any data. Parsing is done in real-time, and data is not retained.
- Search and Match API: Temporarily indexes documents in a secure, region-specific environment for the purpose of search and match operations. These documents are not stored permanently and can be deleted using the DeleteAllDocuments API.
3. Regional Server Control and Data Sovereignty
- Clients can select data centers in the USA, Europe, or Singapore during setup.
- Once selected, the data processing occurs within that geographical jurisdiction, ensuring compliance with local data residency laws (e.g., GDPR for Europe).
4. GDPR and Other Privacy Law Compliance
- RChilli’s solutions, especially Search & Match and Resume Templater APIs, are GDPR-compliant.
- APIs include features like configurable data redaction to support bias-free recruitment and help organizations meet diversity and inclusion goals.
5. Secure API Integration
- All APIs are secured using API key-based authentication.
- The architecture is designed following REST API security best practices, ensuring secure data transmission and usage.
6. Annual Data Enrichment and Hygiene Controls
- RChilli partners with verified third-party providers (e.g., Full Contact, Lusha) to enrich candidate data without compromising data privacy.
- Automated updates ensure high data quality while maintaining compliance with structured and consent-based data usage.
7. Resume Templater and Redaction Capabilities
- Offers customizable resume redaction, including job-zone-based anonymization of personal identifiers to promote compliance with EEOC and similar regulations.
✅ Summary
RChilli's privacy compliance strategy includes internationally recognized certifications, region-based data processing, and security-focused product design. Whether you're integrating parsing, matching, or enrichment APIs, RChilli ensures data privacy and security at every step.
For further details, you can review:
-
Or contact support@rchilli.com for audit documentation and deeper compliance inquiries.