Legal

Security

Last updated: June 6, 2026

Our commitment

Protecting customer and candidate data is central to Huntlo. We combine technical controls, operational practices, and vendor management to reduce risk across our platform.

Infrastructure and access controls

Production systems are hosted on reputable cloud infrastructure with network isolation and monitoring.
Access to production environments is limited to authorized personnel on a need-to-know basis.
Administrative access uses strong authentication and is logged and reviewed.
Secrets and credentials are managed using secure storage mechanisms rather than hard-coded values.

Data protection

Data in transit is encrypted using TLS for connections to Huntlo applications and APIs.
Sensitive data at rest is protected using industry-standard encryption where appropriate.
Role-based access controls limit who can view customer account data within Huntlo.
Backups and recovery processes are maintained to support business continuity.

Application security

We follow secure development practices including code review and dependency monitoring.
Authentication supports industry-standard flows, including OAuth where integrations require it.
Session and token handling is designed to reduce unauthorized account access.
We monitor for abnormal activity and operational incidents affecting the platform.

Vendor and subprocessors

Huntlo uses trusted third-party providers for hosting, messaging, analytics, payments, and AI processing. We evaluate vendors for security and contractual data protection commitments appropriate to the services they provide.

Incident response

We maintain procedures to investigate, contain, and remediate security incidents. Where required by law or contract, we will notify affected customers of incidents involving their data without undue delay.

Your responsibilities

Security is shared. You can help protect your account by:

Using strong, unique passwords and enabling available security controls.
Limiting account access to authorized team members.
Reviewing outreach content and integrations before enabling automated sending.
Promptly reporting suspicious activity related to your Huntlo account.

Reporting a vulnerability

If you believe you have discovered a security vulnerability in Huntlo, please report it to security@huntlo.ai with enough detail for us to reproduce and investigate. Please do not publicly disclose issues before we have had a reasonable opportunity to address them.