A people-first data policy

Erudit provides real-time insights to improve employee well-being and empower a happier workforce. Our mission demands a data policy that prioritizes the privacy and security of each and every employee.

There is zero human interaction with employee data to ensure your privacy and protection.

Your peace of mind is our priority.

Keep us accountable.

We are committed to constantly improving data privacy and security practices. Drata, a third-party security and compliance automation platform, created a personalized Security Report for Erudit, showing our real-time progress towards SOC 2 accreditation.

Data encryption
No data stored
Multi-factor identification
Intrusion detection

Frequently Asked Questions

If you have any other concerns, please don't hesitate to contact us!

Does Erudit have an intrusion detection system?

Erudit has deployed an intrusion detection system that is designed to identify and react to any unauthorized efforts to access our systems or data. This system constantly monitors our networks for any atypical activity and immediately notifies our security team if it identifies any suspicious behavior in real-time.

Does Erudit have any data loss prevention system?

Erudit has implemented data loss prevention systems to prevent the unauthorized disclosure of sensitive information. These systems monitor data traffic and can identify and prevent the transfer of sensitive data.

Is Erudit using multi-factor authentication?

Erudit uses multi-factor authentication to protect against unauthorized access to our systems and data.

Has a third party done an external audit or pen tests?

Erudit undergoes regular external audits and penetration testing by independent third-party firms to ensure that our systems are secure and up-to-date.

Does Erudit have any certification?

Erudit is committed to maintaining the highest standards of data privacy and security. We’re currently in the process of obtaining both ISO 27001 and SOC 2 Type II compliance certificates.

How long is data stored?

The length of time that data is stored varies depending on the Data Sharing Agreement signed with the customer. On top of that, we follow industry best practices and legal requirements.

Is data stored? Who has access to it?

By default, Erudit does not store customer data. If a given customer happens to have a Data Sharing Agreement, data is stored in an isolated AWS environment (account and region), and only very limited, authorized personnel have access to it using fine-grained, role-based access control (RBAC).

Is data encrypted? What are you using to encrypt your data?

Erudit takes data privacy and security very seriously, so all sensitive data is encrypted both in transit and at rest. We use industry-standard encryption algorithms such as AES-256 to protect the confidentiality of data, having the keys stored in an isolated AWS environment in KMS.

People-first means a premium on trust & transparency.

All the information on Erudit's data privacy and security are detailed in a downloadable document found below.