Security & trust
Payroll and PII deserve real protection. Here is ours, plainly.
We would rather tell you exactly how HankHR protects your data — and be honest about what we haven’t finished — than hide behind a badge. This is the current state, in plain language.
Your money never leaves your control
HankHR calculates payroll and produces the bank file — you upload it through your own bank and keep the final click. We hold no float, run no wallet, and never take custody of your funds. It is a deliberate design choice: the trust burden of moving money is one we don’t ask you to take on.
Encryption at rest and in transit
Identification numbers and bank details are encrypted at rest with AES-256-GCM. Organisation secrets are encrypted with a separate owner-only key. Everything travels over TLS. Sensitive fields are masked in the interface by default — revealing one is an explicit, audited action.
Every organisation is isolated
Row-level security is enforced on every tenant table in the database, scoped to your organisation. It is not a filter in application code that a bug could bypass — it is a rule the database itself enforces on every read and write. Payroll results and year-to-date figures are read-only to the app and written only through a locked-down service path.
An append-only audit trail
Changes to people and pay data are recorded in an append-only audit log — who changed what, when, and the before/after. Approved payroll runs are immutable: the employee snapshot, the statutory rule versions, and the results are locked, so any payslip is reproducible months later. Sensitive-field reveals are logged as their own events.
Access, least privilege, and error hygiene
Access is role-based — owners, HR admins, payroll admins, managers, and employees each see only what their role allows, enforced on the server, not just hidden in the UI. The service role that bypasses row-level security runs only on the server, never in the browser. Personal data is scrubbed from error reports before they leave the system.
Your data is yours
Export your employees, payroll history, reports, and documents at any time, in full, with no exit interview. No lock-in, cancel whenever, take everything with you.
Certifications & posture — where we honestly stand
- PDPA (Malaysia & Singapore) and GDPR-aligned data handling: purpose-limited collection, encryption, deletion and export on request.
- SOC 2 Type II — in progress. We are pursuing certification rather than claiming a seal we don’t yet hold. We’ll publish it here the day it’s issued.
- ISO 27001 — planned for our Malaysia and Singapore footprint.
- Infrastructure runs on managed Postgres and a tier-1 cloud, with automated backups. We target 99.9% availability.
Security questions, a vendor review, or something to report? Write to security@hankhr.co.