Hosting of Ontame data
All Ontame data is hosted at AWS (Amazon Web Services) in Irland (eu-west-1)
DATAFLOWS
Personal Data from Talent Recruiter
This table gives an overview of the data categories and data points Ontame gets from Talent Recruiter
Data Category | Data Points |
Identification | Candidate ID |
Professional | Online job views, job applications, interviews, hires, assessment, application status. |
Device | IP address (stored salted and hashed), cookies, browser |
Communications | None |
Browsing | Browsing information on websites owned by data controller |
Physical | Birthday, gender |
Family | None |
GDPR Special | None |
Ontame & Talent Recruiter - dataflow
Personal Data from ReachMee
This table gives an overview of the data categories and data points for ReachMee customers
Data Category | Data Points |
Identification | Candidate ID |
Professional | Online job views, job applications, interviews, hires, assessment, application status. |
Device | IP address (stored salted and hashed), cookies, browser |
Communications | None |
Browsing | Browsing information on websites owned by data controller |
Physical | Birthday, gender |
Family | None |
GDPR Special | None |
Ontame & ReachMee - dataflow
Personal Data from Webcruiter
This table gives an overview of the data categories and data points Ontame gets from Talent Recruiter
Data Category | Data Points |
Identification | Candidate ID |
Professional | Online job views, job applications, interviews, hires, assessment, application status. |
Device | IP address (stored salted and hashed), cookies, browser |
Communications | None |
Browsing | Browsing information on websites owned by data controller |
Physical | Birthday, gender |
Family | None |
GDPR Special | None |
Ontame & Webcruiter - dataflow
FAQ (GDPR)
# | Questions | Answers |
|---|---|---|
1 | Is Ontame a data processor? | Yes |
2 | Where is the system/solution located? | AWS Irland (eu west-1) |
3 | Is it a cloud solution or is the solution run locally? | Cloud solution |
4 | If cloud solution, what type? (IaaS, PaaS, SaaS) | SaaS |
5 | Does the system have Intrusion prevention system (IPS/firewall)? | Yes |
6 | How does data flow in the system/solution (please include a data flow diagram)? | See the dataflow section |
7 | Where is the information stored? | AWS Ireland (eu-west-1) |
8 | Where is the information processed? | AWS Ireland (eu-west-1) |
9 | Does Ontame provide security updates and system updates in order to keep the security and system up to date (patch management)? | Yes |
10 | Does the system contain role-based access control? | Yes (admin and basic level) |
11 | Is data encrypted at rest? | Data at rest are encrypted using AES-256-GCM on AWS. Read more herer: https://docs.aws.amazon.com/crypto/latest/userguide/concepts-algorithms.html |
12 | Is data encrypted during transmission over the internet (or similar networks)? | TLS 1,2 in transit of data |
13 | Is it possible to set up retention policies (automated deletion in the system?) | Yes |
14 | What requirements does the solution have for backup? | Our production database is backed up daily |
15 | Is there a log of use if the system? | user identifiable log |
16 | Where are the logs stored? | Logs are stored in AWS CloudWatch Logs (Ireland) |
17 | Do users have access to more than one environment? | No, users only have access to the production environment |
18 | Is production data used in the test environment? | Yes |
19 | Penetration testing? | Yes, Talentech conducts annual penetration tests in connection with IT audits. |
20 | Is data transferred to third parties? | No |
21 | Has Ontame signed a non-disclosure agreement? | Yes |
22 |