How does Neobrain protect customer data?

Neobrain uses advanced encryption protocols, strict access control systems, and regular audits to ensure the security of sensitive data.

Is Neobrain GDPR compliant?

Yes. Neobrain complies with all requirements of the General Data Protection Regulation (GDPR), including data minimization, transparency, and user rights.

Where is the data hosted?

Data is hosted in France and Europe through cloud providers that meet ISO 27001 standards and are certified for hosting sensitive data.

Comment Neobrain protège-t-il les données de ses clients ?

Neobrain utilise des protocoles de chiffrement avancés, des systèmes de contrôle d’accès stricts et des audits réguliers pour garantir la sécurité des données sensibles.

Neobrain est-il conforme au RGPD ?

Oui. Neobrain respecte l'ensemble des obligations du Règlement Général sur la Protection des Données (RGPD), notamment la minimisation des données, la transparence et les droits des utilisateurs.

Où sont hébergées les données ?

Les données sont hébergées en France et en Europe via des partenaires cloud conformes aux standards ISO 27001 et certifiés HDS pour l’hébergement de données sensibles.

Total security and confidentiality of your HR data

HR data security is our top priority and we’re proud to offer confidential, secure HR data management. With our robust HR data privacy and security measures, you’re in safe hands. That’s why security and privacy are strategic priorities for Neobrain.

Request a demo

Highly secured HR data

Data transfer

All data transfer within the application isencrypted.

Encryption

The SSL encryption used at Neobrain is comparable to that used for bank transfers!

The certificates used by Neobrain’s technical teams come from recognized public certification authorities.

Certificates

RGPD: data hosted in France

At Neobrain, we attach particular importance to ensuring the confidentiality and security of your data. These are hosted by OVH in France, no transfer takes place outside the EU.

Data processing agreement

Our Data Processing Agreement (DPA) is in accordance with GDPR requirements.

Data protection officer

A Data Protection Officer (DPO) has been appointed, he is also the RSSI manager (Information System Security Manager). Its mission is to ensure that information system security policies (PSSI) meet the requirements several standards, as well as legal obligations on the Protection of Personal Data.

Our commitment

We are committed to comply with our obligations as defined in article 28 of the RGPD. As a result, we have complied with the requirements of the RGPD by appointing in particular a Data Protection Officer (DPO).

We also make the following commitments:

Only process the personal data of your employees in the context of the creation and execution of the Neobrain online services to which you have subscribed.

Do not transfer your data outside of the EU.

You inform of any changes subcontractors that we use to store or process some of your personal data.

Reserve access to your data personal to only Neobrain employees duly authorized to assist you in the context of support functions.

Guarantee you a high level of security and the protection of your data.

Raise awareness among our employees about Confidential nature of the data staff and train them.

You notify within 24 hours in the event of a data breach. If the violation involves a risk for the rights and freedoms of the persons concerned, the data controller will notify this violation to the Commission Nationale de l'Informatique et des Libertés (CNIL) as soon as possible and within a maximum of 72 hours.

Neobrain on constant watch

Audits and recommendations are carried out internally by our experts through tests, code reviews and various verifications. We regularly activate our audits to identify potential vulnerabilities and establish action plans to reduce risks.

Testing

Intrusion and security tests are performed internally by the technical team:

Unit tests

To have visibility on the quality of the code, its performance (in all conditions of load) and its vulnerability.

Constant monitoring of possible flaws

Antivirus, regular control of the application and its vulnerabilities on various environments before going into production. We ensure the quality, the proper functioning and the security of all the application’s functionalities.

Technical tests

In order to make sure that a function meets all the requirements, the robustness of the platform is also analyzed during this process.

Regular control

Regular control with SQL injection tests, penetration tests, code reviews, security and vulnerability of all developments (compliance with the list of application vulnerabilities OWASP TOP 10).