ScreeningResume.com Logo

Security

ScreeningResume.com Security

Operated by AI Soup Technologies

Last updated: January 2026

1. Our Commitment to Security

At AI Soup Technologies, security is foundational to ScreeningResume.com. We understand that recruiters and candidates entrust us with sensitive information—resumes, job descriptions, and personal data—and we take that responsibility seriously. This page describes the security practices and controls we have in place to protect your data.

We continuously evaluate and improve our security posture. If you have questions or concerns, please contact us at security@hrcricket.com.

2. Encryption & Data Protection

In Transit

All data transmitted between your browser and our servers is encrypted using HTTPS with modern TLS protocols. This applies to the web application, API communications, and any file uploads (resumes, documents).

At Rest

Data stored in our databases and cloud storage is encrypted at rest using industry-standard encryption provided by our cloud infrastructure provider (Google Cloud Platform). This includes candidate resumes, job descriptions, analysis results, and user account information.

File Integrity

Uploaded files are cryptographically hashed (SHA-256) to ensure integrity and enable deduplication. This prevents tampering and reduces redundant processing of identical documents.

3. Authentication & Access Control

Passwordless Authentication

ScreeningResume.com uses a passwordless, email-based one-time PIN (OTP) authentication system. When you sign in, a unique 6-digit code is sent to your verified email address. This approach:

  • Eliminates password-related vulnerabilities (weak passwords, credential stuffing, password reuse)
  • Reduces phishing risk since there is no static password to steal
  • Ensures only the email account owner can authenticate

Session Management

Authenticated sessions are secured with signed tokens (JWT). Session validity is verified server-side on each request to protected resources. Users can log out at any time, which invalidates their local session.

Role-Based Data Access

Recruiters only have access to data associated with their own account—job postings, uploaded resumes, and analysis reports they created or that have been explicitly shared with them. Candidates can only view and manage their own applications and profile information.

4. Infrastructure Security

Cloud Hosting

ScreeningResume.com is hosted on Google Cloud Platform (GCP), which maintains comprehensive security certifications including SOC 1/2/3, ISO 27001, and more. Our infrastructure benefits from GCP's physical security, network protections, and operational controls.

Secure File Access

When users need to download or view uploaded files (such as resumes), we generate time-limited signed URLs that expire after a short period. This prevents unauthorized access to stored files even if a URL is inadvertently shared.

Input Validation

All user inputs are validated and sanitized on the server side using strongly-typed data models. This helps prevent injection attacks, malformed data, and other input-based vulnerabilities.

5. Data Retention & Deletion

We retain data only as long as necessary to provide our Services and comply with legal obligations. Our data practices include:

  • Recruiter Data: Job descriptions, analysis reports, and uploaded resumes are retained while your account is active. You can delete individual analyses or resumes at any time.
  • Candidate Data: Application data is retained as described in our Privacy Policy. Candidates may request deletion of their personal information from our systems.
  • Account Deletion: Upon request, we will delete your account and associated data, subject to any legal retention requirements.

For details on your privacy rights and how to request deletion, please see our Privacy Policy.

6. Abuse Prevention & Rate Limiting

We implement controls to prevent misuse of the platform:

  • Usage Limits: Analysis features are subject to monthly usage limits to prevent abuse and ensure fair access for all users.
  • Automated Access Restrictions: As described in our Terms of Use, automated scraping, bot access, and bulk operations are prohibited.
  • Monitoring: We monitor for unusual activity patterns that may indicate abuse or security threats.

7. Third-Party Services & Subprocessors

We use trusted third-party services to operate ScreeningResume.com:

  • Cloud Infrastructure: Google Cloud Platform (GCP) for hosting, storage, and database services.
  • AI Processing: Resume analysis and candidate matching features use AI language models. Data sent to these services is used solely to provide the requested analysis and is not used to train models.
  • Email Services: Transactional emails (OTP codes, notifications) are sent through established email service providers.

We vet our service providers for appropriate security practices and maintain contractual obligations regarding data handling.

8. Incident Response

In the event of a security incident that affects your data, we are committed to:

  • Promptly investigating and containing the incident
  • Notifying affected users in a timely manner as required by applicable laws
  • Providing clear information about what happened, what data was affected, and what steps we are taking
  • Implementing measures to prevent similar incidents in the future

9. Vulnerability Reporting

We welcome responsible disclosure of security vulnerabilities. If you discover a potential security issue in ScreeningResume.com, please report it to us at security@hrcricket.com.

When reporting, please include:

  • A description of the vulnerability and its potential impact
  • Steps to reproduce the issue
  • Any relevant screenshots or proof-of-concept code

We will acknowledge receipt of your report, investigate promptly, and keep you informed of our progress. We ask that you give us reasonable time to address the issue before any public disclosure.

10. Continuous Improvement

Security is an ongoing process. We are committed to:

  • Regularly reviewing and updating our security practices
  • Staying informed about emerging threats and vulnerabilities
  • Investing in security tooling and training
  • Evaluating formal security certifications and audits as we grow

This page will be updated as our security practices evolve. We encourage you to review it periodically.

11. Contact Us

If you have questions about our security practices, want to report a vulnerability, or need additional information for your organization's vendor review process, please contact us:

AI Soup Technologies

Operating ScreeningResume.com

Security inquiries: security@hrcricket.com

Website: screeningresume.com

ScreeningResume.com - AI-Powered Recruitment Analysis