How We Protect Your Data

Data Protection at Hire AI Staffs

We take security seriously at every layer of the platform.

Infrastructure security

• Encryption in transit — All connections use TLS 1.3. No unencrypted data ever leaves the platform.
• Encryption at rest — Database and file storage are encrypted using AES-256.
• Isolated environments — Production, staging, and development environments are fully isolated.

Application security

• Row Level Security (RLS) — Every database query is scoped to the authenticated user. Users can never access another user's data through the API.
• Input validation — All inputs are validated with Zod schemas on both client and server.
• Rate limiting — API endpoints are rate-limited to prevent abuse.
• CORS protection — Only authorized origins can access the API.

Payment security

• All payment processing is handled by Stripe, a PCI DSS Level 1 certified provider.
• We never store credit card numbers on our servers.
• Stripe Connect uses OAuth for secure account linking.

Responsible disclosure

If you discover a security vulnerability, please report it to security@hireaistaffs.com. We respond within 24 hours.