Trust

Trust Center

Last Updated: March 2026

The GABE HRIS Trust Center provides transparency into our security practices, privacy protections, and responsible use of artificial intelligence. We design our platform with governance, compliance, and data protection as core architectural principles.

Security Contact:
Responsible disclosure reports may be sent to [email protected].
Encryption in transit
Least privilege access
Audit logging
Security monitoring
No tracking cookies in application
AI human oversight
SOC 2 and NIST aligned principles

Security Principles

Access Controls
  • Role-based access control (RBAC)
  • Administrative privilege restrictions
  • Least privilege architecture
  • Controlled internal system access
Data Protection
  • TLS encryption for data in transit
  • Encrypted storage layers where supported
  • Secure authentication mechanisms
  • Token-based authentication
Operational Security
  • Infrastructure monitoring
  • System logging and audit trails
  • Backup and recovery practices
  • Incident response procedures

Privacy by Design

The GABE HRIS application is intentionally designed to minimize unnecessary data collection and third-party exposure.

  • No tracking cookies are used within the GABE HRIS application.
  • No third-party advertising trackers are embedded within the platform.
  • No external analytics scripts are deployed inside the application environment.
  • Authentication uses JWT tokens stored in localStorage rather than session cookies.

This “no cookies” statement applies to the GABE HRIS application. The public marketing website may use essential cookies if required for site security or embedded functionality.

Compliance Alignment

GABE HRIS is designed with alignment to common enterprise security frameworks including SOC 2 and NIST-based control principles. This alignment supports customers operating in regulated and security-sensitive environments. This Trust Center is informational and does not constitute a guarantee of compliance.

AI Governance

Artificial intelligence capabilities within GABE HRIS are designed to assist HR professionals, not replace them. AI outputs must always be reviewed and approved by authorized personnel.

  • AI assists with HR documentation, policy generation, and compliance awareness.
  • AI does not make employment decisions.
  • AI does not autonomously modify HR policies.
  • Human review is required before implementing AI-generated recommendations.

Policies and Documentation

Security & Compliance Overview
View
Data Processing Agreement
View
Privacy Policy
View
AI Responsible Use Policy
View
Acceptable Use Policy
View
Terms of Service
View

Reporting Security Issues

If you believe you have discovered a security vulnerability affecting GABE HRIS, please report it responsibly.

  • Email: [email protected]
  • Please include a detailed description of the issue and steps to reproduce it.
  • Do not include sensitive personal data in your report.
Contact

Security: [email protected]
Privacy: [email protected]
Support: [email protected]
Legal: [email protected]

© 2026 Gabe Technologies LLC