Information & Security
An overview of Jobbatical's strong commitment to security and data management.



A word from our CISO
Jobbatical is a leading provider of relocation services, helping companies hire top talents from anywhere in the world.
Our paperless process is powered by our own software application. We proudly serve over 200 companies as their primary relocation partner.At Jobbatical, safeguarding sensitive information and customer data is integral to our business. We rely heavily on our Relocation Case Management Software, prioritizing the confidentiality, integrity, and availability of our applications. Our primary objective is to protect our customers' data and Information and Communications Technology (ICT) assets.We are committed to continuous security improvements and adhere to Information Security Management Systems across all levels of our organization. This includes all employees, core business processes, and the ICT systems supporting our Jobbatical application.To ensure the highest standards of information security, we comply with the ISO27001 standard. This standard guides us in establishing, implementing, controlling, assessing, maintaining, and improving our documented Information Security Management System (ISMS). By choosing appropriate security measures, we aim to safeguard information and provide confidence to our stakeholders.
In this page we have curated a collection of documents that cover various aspects of our program, policies, architecture, tests, and more. These resources are designed to provide comprehensive information. If you have any additional inquiries, please don't hesitate to contact us.
Marje Salumets
CISO
Summary of our commitment to data security
Has ISO27001 Certification
GDPR Compliant
All data is processed within the EU
Regular third-party audit(s)
Conducts cyber hygiene trainings for all employees
Has a formal device management program
Annual third-party penetration testing
Has a Business Continuity and Disaster Recovery Management
Role-based access control
Data Retention Policy in place
ISO27001 Certification
(Locked 🔐, upon request)Penetration Test Summary
(Locked 🔐, upon request)Technical and Organizational Measures (TOM)
(Locked 🔐, upon request)More documentation can be provided to selected clients and prospects prior NDA
Application security
Jobbatical has built the platform for our service on top of known cloud vendors, who have high security standards, minimizing the risk of the service being not available.
Data storage:
- Google Cloud Storage.
- All request are forced to go through HTTPS.
- Database operations are using SSLData is encrypted at rest.
- 24/7 automatic monitoring.
- Data center providers geographical region: Europe North 1
All sub-processors are thoroughly assessed, certified and use EU storage location.List of subprocessors used by Jobbatical is available to clients and selected prospects prior to NDA.
All sub-processors are thoroughly assessed. certified and use EU storage location
We have 24/7 automated monitoring to detect any anomalies and 99,7% service availability rate. In case of an unwanted event or incident we follow the Incident Management Process, that is also compliant with ISO27001 requirements.
Examples use-cases for alerts:
- Abnormal amount of unauthorized requests.
- High amount of errors.
- Abnormal login attempts