Encryption at rest and in transit
All data stored in FOWL HR is encrypted using AES-256 at rest. Every connection between your browser and our servers uses TLS 1.3, ensuring data is never transmitted in plaintext.
AES-256 Encryption at Rest
All database fields, file uploads, screenshots, and backups are encrypted at rest using AES-256-GCM. Encryption keys are managed by AWS KMS with automatic key rotation every 90 days.
TLS 1.3 in Transit
All data in transit is protected by TLS 1.3. HTTPS is enforced on every endpoint and HSTS is set with a max-age of at least one year. TLS 1.0 and 1.1 are disabled.
Key Management
Encryption keys are stored separately from data, managed through AWS Key Management Service (KMS). No FOWL HR employee can access plaintext encryption keys.
Screenshot & Activity Data
All captured screenshots are encrypted immediately upon upload and accessible only to authorized managers within the account. Raw screenshot data is never indexed or scanned.
Who can see what — and how they get in
FOWL HR uses role-based access control (RBAC) with granular permissions. Authentication supports SSO, MFA, and enforced session policies.
- Multi-Factor Authentication (MFA): TOTP-based MFA (Google Authenticator, Authy) is available for all users and can be enforced organisation-wide by admins.
- Single Sign-On (SSO): Supports SAML 2.0 and OIDC integration with Google Workspace, Microsoft Entra ID (Azure AD), Okta, and OneLogin.
- Role-Based Access Control (RBAC): Predefined roles — Owner, Admin, Manager, HR Specialist, Employee — with customisable permission scopes per department and data type.
- Least-Privilege Principle: Employees only see their own data by default. Managers see only their direct team. Cross-team access requires explicit admin grant.
- Session Management: Configurable session timeouts (15 min – 8 hrs). All active sessions visible and revocable from the account security dashboard.
- IP Allowlisting: Enterprise accounts can restrict login to approved IP ranges or office VPNs.
- Password Policy Enforcement: Minimum 12-character passwords with complexity requirements, breach detection via HaveIBeenPwned API, and forced rotation configurable by admin.
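The breach check named above works through the Pwned Passwords range API, which uses a k-anonymity model: the client sends only the first five hex characters of the password's SHA-1 digest, receives every known suffix in that range, and matches the remaining 35 characters locally, so neither the password nor its full hash ever leaves the client. The following is an added illustration of that flow, not FOWL HR's own code; the breach counts, the offline responder and the `password_acceptable` policy (minimum length plus breach lookup, since the page does not spell out its complexity rules) are constructed for the example.

```python
"""Password breach check against the Have I Been Pwned range API (k-anonymity).

Added illustration; not FOWL HR's implementation. The live fetcher uses the
real endpoint, but the test data and offline responder below are constructed.
"""
import hashlib
import urllib.request
from typing import Callable, Dict, Tuple

HIBP_RANGE_URL = "https://api.pwnedpasswords.com/range/"


def sha1_prefix_suffix(password: str) -> Tuple[str, str]:
    """Split the uppercase hex SHA-1 of the password into (5-char prefix, 35-char suffix)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> Dict[str, int]:
    """Parse 'SUFFIX:COUNT' lines as returned by the range endpoint.

    Entries with a count of 0 are padding the API adds when the client sends
    'Add-Padding: true'; they are kept here and simply never match a real hit.
    """
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def pwned_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Number of times the password appears in breach data (0 = not found)."""
    prefix, suffix = sha1_prefix_suffix(password)
    counts = parse_range_response(fetch_range(prefix))
    return counts.get(suffix, 0)


def fetch_range_live(prefix: str) -> str:
    """Query the real API; only the 5-character prefix is sent. Not used offline."""
    req = urllib.request.Request(
        HIBP_RANGE_URL + prefix,
        headers={"Add-Padding": "true", "User-Agent": "hibp-range-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


# Constructed breach data for offline use; the counts are made up for the example.
CONSTRUCTED_BREACH_COUNTS = {"password": 12345, "letmein": 678, "qwerty123456": 42}


def constructed_fetch_range(prefix: str) -> str:
    """Offline stand-in for the API: emits the suffixes in this prefix's range, plus padding."""
    lines = []
    for pw, n in CONSTRUCTED_BREACH_COUNTS.items():
        p, s = sha1_prefix_suffix(pw)
        if p == prefix:
            lines.append(f"{s}:{n}")
    lines.append("0" * 35 + ":0")  # padding entry, as the real API emits with Add-Padding
    return "\r\n".join(lines)


def password_acceptable(password: str, fetch_range: Callable[[str], str],
                        min_length: int = 12) -> Tuple[bool, str]:
    """Minimum-length rule (12, as on the page) followed by the breach lookup."""
    if len(password) < min_length:
        return False, "shorter than minimum length"
    if pwned_count(password, fetch_range) > 0:
        return False, "found in breach data"
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("password", "qwerty123456", "correct horse battery staple"):
        print(candidate, "->", password_acceptable(candidate, constructed_fetch_range))
```

Swap `constructed_fetch_range` for `fetch_range_live` to query the real service; the only thing that changes on the wire is the five-character prefix in the URL.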
| Role | Employee Records | Screenshots & Activity | Payroll & Comp | Admin Settings |
|---|---|---|---|---|
| Owner | All employees | All employees | Full access | Full access |
| Admin | All employees | All employees | Read only | Partial |
| Manager | Direct reports only | Direct reports only | None | None |
| HR Specialist | All employees | None | Read only | None |
| Employee | Own record only | Own data only | Own only | None |
Privacy built in by design
We follow Privacy by Design principles. We collect only what's needed to deliver the service, and we give employees full transparency and control over their data.
Transparency
Employees are notified when monitoring is active. Screenshot capture, activity tracking, and idle detection are visible to the employee in real time.
Data Minimisation
We only collect data necessary to provide the service. Screenshots are configurable — frequency, blurring level, and capture scope are all admin-controlled.
Right to Erasure
Employees and admins can request full data deletion. Personal data is purged within 30 days of a verified erasure request, except for records subject to a legal retention obligation (such as payroll and compensation history), which are kept for the required period.
Meeting global regulatory requirements
FOWL HR is designed to support compliance with major data protection regulations across jurisdictions.
| Framework / Regulation | Scope | Status | Notes |
|---|---|---|---|
| SOC 2 Type II | Security, Availability, Confidentiality | Active | Annual audit by independent third party. Report available under NDA. |
| GDPR | EU/EEA personal data | Compliant | DPA available. Data residency in EU available for EU customers. |
| CCPA / CPRA | California residents | Compliant | Data subject request portal included. Privacy notice available. |
| ISO 27001 | Information Security Management | In Progress | Certification expected Q3 2026. |
| HIPAA | Health information (where applicable) | BAA Available | Business Associate Agreement available for healthcare customers. |
| UK GDPR / DPA 2018 | UK personal data | Compliant | ICO registered. UK data residency available. |
Enterprise-grade cloud infrastructure
FOWL HR runs on AWS with multi-region redundancy, automatic failover, and 99.9% uptime SLA.
- Cloud Provider: Amazon Web Services (AWS) — us-east-1 (primary), eu-west-1 (EU customers), ap-southeast-2 (APAC customers).
- Network Isolation: All services run inside private VPCs. Production, staging, and development environments are fully isolated.
- DDoS Protection: AWS Shield Advanced and AWS WAF protect all public endpoints.
- Penetration Testing: Annual external penetration tests conducted by an independent security firm. Findings are remediated within SLA by severity.
- Vulnerability Management: Continuous dependency scanning via Dependabot and Snyk. Critical CVEs patched within 24 hours.
- Uptime SLA: 99.9% monthly uptime SLA for all paid plans. Real-time status available at status.fowlhr.org.
Backups
Automated database snapshots every 6 hours, retained for 30 days. Point-in-time recovery available within the retention window. Backups are encrypted and stored in a separate AWS region.
Disaster Recovery
RTO of < 4 hours, RPO of < 1 hour. Failover testing performed quarterly. Full DR runbook maintained and reviewed annually.
What we store, for how long, and why
We retain data only as long as needed to deliver the service or meet legal obligations. You can configure custom retention policies for your account.
| Data Type | Default Retention | Configurable? |
|---|---|---|
| Employee records | Duration of employment + 7 years | Yes (admin) |
| Screenshots | 90 days | Yes — 7 to 365 days |
| Activity & time logs | 3 years | Yes — 1 to 7 years |
| Payroll & compensation history | 7 years | No — legal requirement |
| Audit logs | 2 years | No |
| Session & login history | 90 days | No |
| Deleted employee data | Purged within 30 days of offboarding | Yes |
| Backups | 30 days | No |
Rights employees have under FOWL HR
FOWL HR is designed to respect and uphold employee data rights in compliance with GDPR, CCPA, and other applicable laws.
- Right to Access: Employees can view all data held about them — time logs, activity reports, screenshots taken on their device — from their personal dashboard.
- Right to Rectification: Employees can dispute and request corrections to inaccurate records. HR admins are notified and must respond within 30 days.
- Right to Erasure: Employees may request deletion of personal data. Requests are fulfilled within 30 days unless legal retention obligations apply.
- Right to Portability: Employees can export all their personal data in machine-readable format (JSON or CSV) from the employee portal.
- Right to Restrict Processing: Employees can request a temporary hold on processing while a dispute is being resolved.
- Right to Object: Employees may object to specific uses of their data. Objections are reviewed by the Data Protection Officer within 14 days.
- Notification of Monitoring: Employees are always informed before monitoring begins. FOWL HR does not support covert or undisclosed monitoring.
How we respond to security incidents
FOWL HR maintains a documented incident response plan tested quarterly. In the event of a breach, we notify affected customers within 72 hours of confirmation, so that customers acting as data controllers can meet their own 72-hour obligation to notify supervisory authorities under GDPR Article 33.
Detection & Triage
24/7 automated monitoring via AWS GuardDuty, CloudTrail, and SIEM alerting. All severity-1 alerts page the on-call security engineer within 5 minutes.
Containment
Affected systems are isolated immediately. Playbooks exist for common incident types. Escalation paths are defined for all severity levels.
Customer Notification
Affected customers are notified within 72 hours of a confirmed breach. We provide full transparency on scope, data affected, and remediation steps taken.
Sub-processors and integrations
FOWL HR uses a limited set of vetted sub-processors. All third parties are required to meet our security standards and are covered by Data Processing Agreements.
| Sub-processor | Purpose | Data Shared | Location |
|---|---|---|---|
| Amazon Web Services | Cloud infrastructure, storage, compute | All hosted data | US, EU, APAC |
| Stripe | Payment processing | Billing info only | US, EU |
| SendGrid | Transactional email | Name, email address | US |
| Datadog | Infrastructure monitoring & logging | Anonymised logs | US, EU |
| PagerDuty | On-call alerting | Anonymised alert data | US |
The full sub-processor list is available on request. We will notify customers at least 30 days before adding any new sub-processors that process personal data.
Full visibility into every action
FOWL HR maintains comprehensive audit logs for all admin and HR actions. Logs are tamper-proof, retained for 2 years, and exportable for compliance reviews.
- Admin audit log: Every admin action — role changes, settings updates, data exports, deletions — is logged with timestamp, actor, IP address, and outcome.
- Login & access log: All login attempts (successful and failed), MFA events, and session activity are recorded.
- Data export log: Any export of employee data is logged and generates an email notification to the account owner.
- HR change log: All changes to employment status, compensation, and personal records are tracked with before/after values and approver identity.
- SIEM integration: Enterprise customers can stream audit logs to their own SIEM (Splunk, Datadog, Sumo Logic) via webhook or S3 export.
- Tamper-proof storage: Audit logs are append-only and stored separately from operational data. They cannot be modified or deleted by any user, including admins.
Get in touch
Have a security question, need our SOC 2 report, or want to report a vulnerability? Our security team responds within 48 hours.
Security & Compliance
For security questions, vulnerability reports, SOC 2 requests, and DPA enquiries: security@fowlhr.org
Data Protection Officer
For GDPR/CCPA data subject requests, privacy concerns, or DPO contact: privacy@fowlhr.org