SECURITY

HR data is the most regulated data in your company.

It deserves the most regulated infrastructure. Toby is built for the questionnaire your security team is going to send before they let you sign anything.

※ WHAT WE PROTECT

Eight architectural commitments, every workspace.

※ 01

Tenant isolation, three layers deep

Every customer's data is isolated three times over. Per-request context binding. Application-layer scope filters. Postgres Row-Level Security policies. Three independent checks have to fail before any cross-tenant access is possible. Independently verified by an external penetration test.

※ 02

Encrypted at rest, encrypted in flight

AES-256 at rest. TLS 1.3 in transit, end-to-end. OAuth tokens and API keys for connected integrations are encrypted with AES-256-GCM using deploy-scoped keys. Keys rotate on a defined schedule; rotation is audit-logged.

※ 03

Passwordless authentication with passkeys

Magic-link first factor, passkey (FIDO2/WebAuthn) second factor, required on every sign-in. No passwords to phish, no passwords to leak, no passwords to rotate. Enterprise customers layer SAML SSO from their own identity provider.

※ 04

Tamper-evident audit ledger

Every action, every chat, every draft, every case update, is written to an append-only ledger. Each entry is hashed with SHA-256 and chained to the entry before it. UPDATE and DELETE are revoked at the database role level. If anything anywhere in the chain is altered, our verifier detects it. Customer-exportable as signed CSV or JSON.

※ 05

Granular role-based access

Seven distinct roles (Admin, HR Director, HRBP, Compliance Officer, HR Coordinator, Read-only, Auditor) with explicit grants on every API mutation. Compliance Officers see whistleblower-flagged events without unmasking the reporter to other HR. Admins can revoke access globally in one click.

※ 06

PII redacted before it reaches a model

SSN, DOB, email, phone, credit-card patterns are auto-redacted before any payload reaches an AI provider, an application log, or an error tracker. Names are replaced with [employee] / [manager] tokens in conversation context. Document content is redacted on import where matchers fire.

※ 07

AI that never trains on your data

Customer prompts and documents are never used to train shared models. The contractual commitment lives in every MSA. Zero Data Retention addenda are available on request. Enterprise customers can route AI through their own AWS environment for fully private inference.

※ 08

Validated AI output

Legal review responses are JSON-schema-validated server-side. If a prompt-injected document manipulates the model into producing a malformed verdict, Toby refuses to accept it as compliant. The judgment that gets written to the audit ledger is the verified one.

※ COMPLIANCE

Built for the frameworks that matter.

We don't hand-wave on compliance. The controls are real, the contracts are real, the documentation is available the day you ask.

SOC 2 Type II

Annual third-party audit covering security, availability, processing integrity, and confidentiality. Report available under NDA on request.

HIPAA

HIPAA-compliant architecture. BAA available on Enterprise plans for organizations handling PHI.

GDPR

Article 32 technical and organizational controls implemented. Article 28 Data Processing Agreement available with every contract.

CCPA / CPRA

Service-provider terms in the standard MSA. No sale, no sharing of personal information. California addendum available on request.

Pen-tested

Application security validated by an independent penetration test. Findings remediated before any customer onboarding.

※ THE THREE RULES WE DON'T BREAK

Your prompts never train shared models.

Contractually guaranteed. No exceptions, no carve-outs, no "unless you opt out" language. If we ever change this, you'd see it in a redlined MSA, never a quiet TOS update.

Audit entries are write-once.

Our own database role cannot UPDATE or DELETE audit rows. Even if we wanted to alter the record of what happened in your workspace, we couldn't without breaking the hash chain, and the chain check is a customer-runnable verifier.

You can take it all with you.

Workspace data, audit ledger, document corpus, exportable in machine-readable formats whenever you ask. We retain audit logs for seven years; you keep your own copy as soon as you want it.

※ RESPONSIBLE DISCLOSURE

Found something?

Toby operates a coordinated disclosure program. We respond within 48 hours and acknowledge valid findings publicly with researcher consent.

Report to

security@hiretoby.com

PGP key available on request.

Want our security questionnaire response?

We'll send our standard answer to the SIG, CAIQ, or your custom questionnaire within one business day of your demo call.

Request a demo How Toby works →

※ SECURITY · RESEARCHER ACKNOWLEDGMENTS

Thank you to researchers who report responsibly.

We follow the vulnerability-disclosure process described in our security.txt (RFC 9116). Researchers acting in good faith who report in-scope vulnerabilities to security@hiretoby.com can opt in to being credited here.

No acknowledgments yet. Be the first.