Security
How we protect your data and how to contact us about security concerns
Security Contact
For security vulnerabilities, data deletion requests, or privacy questions:
Response Time: Within 48 hours for security issues, 5 business days for other inquiries.
Responsible Disclosure
If you discover a security vulnerability in CandidateMatch, please help us by:
- check Emailing us directly at security@riegergroup.com before public disclosure
- check Providing enough detail for us to understand and reproduce the issue
- check Allowing reasonable time for us to address the vulnerability
- check Not accessing or modifying data belonging to other users
We appreciate the security community's help in keeping our users safe and will acknowledge responsible disclosures.
Our Security Practices
lock Data Encryption
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for data at rest
- Secure key management via Azure Key Vault
cloud Infrastructure
- Microsoft Azure cloud hosting
- Enterprise-grade security certifications
- Regular security updates and patching
verified_user Access Control
- Role-based access controls
- Multi-tenant data isolation
- Audit logging of sensitive operations
shield Application Security
- Input validation and sanitization
- Protection against common web vulnerabilities
- Secure authentication with ASP.NET Identity
Data Handling
Not Used for AI Training
Your data is never used to train AI models. Third-party AI providers operate under strict data processing agreements.
Organization Isolation
Your job descriptions and candidate data are only accessible to users in your organization.
Data Deletion
You can delete individual reports or request complete account deletion at any time.