Security

Built for hiring teams handling candidate data.

Your resumes, interview recordings, transcripts, and reviewer notes live inside a platform designed around tenant isolation, role-based access, and human oversight of AI outputs.

Hiring dataInterview recordingsRole-based accessAudit visibilityPrivacy requestsHuman oversight
Privacy policyContact us

At a glance

Tenant-scoped

Customer data is partitioned by tenant at the database layer. There is no flat admin surface across workspaces.

Reviewable

Overrides, notes, and review activity stay visible alongside AI outputs so decision context is never buried.

Candidate-aware

Consent, export, deletion, and retention are part of the product workflow — not a separate manual process.

Control Areas

The four control areas we design around

Data protection, access, privacy operations, and AI control. Each area maps to a specific part of the product, not a marketing claim.

Data protection

Resumes, interview recordings, transcripts, and reviewer notes live inside a platform built for sensitive hiring data.

  • Encryption in transit and at rest for application traffic and stored artifacts.
  • Tenant-scoped access enforced at the database layer, not just in the UI.
  • Structured handling of recordings, transcripts, summaries, and exports.

Access and identity

Hiring teams control who can review interviews, configure jobs, and manage integrations through role-based permissions.

  • Role-based permissions for recruiter, hiring-manager, and admin workflows.
  • Multi-factor authentication available for workspace sign-in.
  • Audit visibility for sensitive actions such as review changes and exports.

Privacy operations

Consent, export, and deletion are product workflows. Privacy requests do not depend on a support ticket reaching the right person.

  • Consent-aware candidate flows for recordings and interview processing.
  • Export, deletion, and data-handling requests routed through the application.
  • Retention defaults with customer-configurable overrides available per plan.

AI control surface

AI interviewing only works if the inputs and outputs stay reviewable. We treat both as part of the security boundary.

  • Defined paths for how resumes, transcripts, and imported content move through AI-assisted workflows.
  • Human review and override paths on every recruiter-facing output.
  • Clear documentation of where automation helps and where humans stay accountable.

At A Glance

What to know in 30 seconds

The three takeaways we want every security reviewer to leave with.

Built for hiring data

The platform handles candidate PII, recordings, transcripts, and review evidence. The architecture is built around that, not retrofitted to it.

Humans own the decision

AI structures evidence and surfaces signal. Employers make the hiring call. The product reinforces that on every reviewer-facing surface.

Deeper answers on request

Vendor notes, architecture overview, and additional materials are available for diligence. Email security and we will route the right documents.

Security FAQ

Frequently asked questions

Common questions from buyers, security reviewers, and procurement teams.

What security materials are available?Open

This security overview and the privacy policy are public. Additional diligence materials are available on request via privacy@skillflo.ai.

How are interview recordings and transcripts handled?Open

Recordings, transcripts, notes, and scoring artifacts are sensitive hiring data. They are stored inside the tenant boundary, accessed through scoped roles, and removed when customers run an export or deletion workflow.

Who can see interview data inside a workspace?Open

Customers control that. Workspace roles, admin controls, and audit visibility let you decide who reviews interviews, changes settings, or exports data.