Company News

Gem Receives SOC 2 Type II Certification

Mike Pinkowish

Mike Pinkowish

Head of Engineering

Posted on

April 23, 2020

We’re excited to announce that Gem, the platform for modern recruiting, has received its SOC 2 Type II compliance certification.

San Francisco, CA - April 23, 2020. We’re excited to announce that Gem, the platform for modern recruiting, has received its Service Organization Control (SOC) 2 Type II compliance certification. SOC 2 is a deep external audit, delivered in a detailed final report, that closely examines a company’s information systems to ensure they meet five principles of trust established by the American Institute of CPAs (AICPA): security, availability, processing integrity, confidentiality, and privacy. SOC 2 certification is awarded to businesses who demonstrate their ability to meet the institute’s high standards in each of those categories. The certification underscores Gem’s commitment to safeguarding customer data—and their candidates’ data—over time.

“One of Gem’s founding core values is customer-centricity,” says Gem’s CEO Steve Bartel. “For us, this translates directly into a commitment to protecting customer data. The thousands of recruiters on our platform have already created 2.6 million candidate profiles; and it’s our responsibility to safeguard both the privacy and the security of those folks—both the talent teams who are using Gem for more efficient hiring flows and better candidate experiences, and the talent whose data Gem is capturing. Everyone who touches our platform should feel, and know, that their information is secure.”

The SOC 2 Type II certification is one of many privacy and security measures Gem has incorporated into its infrastructure, but this latest one is very exciting. We’ve been GDPR compliant from our very first product iterations, and we became certified as compliant with SOC 1 last year. SOC 2 Type I assesses whether a business’ systems and design meet the 5 trust principles at a specific point in time, while Type II attests that they met them over a six-month minimum period. In other words, there’s a rigorous historical element—and proof of continued commitment—to Type II.

Gem’s SOC 2 Type II examination was performed by Barr Advisory, facilitated by Vanta, and our certification as compliant began yesterday, April 22. For each of the security criteria mapped to Gem’s controls over the course of the audit, no exceptions in the controls were noted.SOC 2 Type II is an important industry standard, verifying that Gem’s current and future customers can be confident about their data security and integrity.

A huge shout-out to David Dold, our Head of Compliance, who put many, many hours into this certification over the past 6 months. We'd also like to thank Vanta for helping to simplify and automate many of the controls and policies required to complete the audit. Implementing their platform is a large part of what enabled us to become certified so quickly. Gem will continue to align its data practices with the most current accreditations and certifications. For the most current information on our data protection practices, please visit our Privacy Policy, our GDPR Overview, and our Security Page.


Related posts

Product Newsletter Thumbnail

March 27, 2023

Get more qualified candidates in your pipeline faster with intelligent talent discovery and search

Read article
Product Newsletter Thumbnail
Company News

March 3, 2023

Gem product update: February 2023

Read article
Gem-SAP store
Company News

February 27, 2023

Gem partners with SAP to help enterprise companies recruit more effectively

Read article

Your resource for all-things-recruiting

Looking for the latest data, insights, and best practices? Welcome to the Gem blog. We've got you covered.

newsletter illustration

Get started with Gem today

Source faster, build better relationships, and hire more quality candidates.