We use cookies

PDPL Compliant

We use cookies to enhance your experience on our website. Some are essential for the site to function, while others help us understand how you use the site.

Privacy PolicyLearn More

Sovereign Spotlight

Search across all modules, people, and actions

Enterprise-Grade Securityأمان على مستوى المؤسسات

Your data is protected with industry-leading security measures, full PDPL compliance, and data residency in Saudi Arabia.

Security Features

Encryption

التشفير

AES-256 encryption at rest, TLS 1.3 in transit

Data Residency

إقامة البيانات

All data stored in Saudi Arabia

Audit Logging

سجلات التدقيق

Comprehensive activity logging for 7 years

Access Control

التحكم في الوصول

Role-based permissions and MFA

Compliance

الامتثال

PDPL, ISO 27001, SOC 2 aligned

Key Management

إدارة المفاتيح

Secure key rotation and management

PDPL Compliance

AqlHR is fully compliant with Saudi Arabia's Personal Data Protection Law (PDPL). We implement all required data protection measures to ensure your employee data is handled responsibly.

  • Consent management for data collection and processing
  • Data subject rights (access, correction, deletion)
  • Breach notification procedures within 72 hours
  • Data minimization and purpose limitation
  • Regular privacy impact assessments

Data Residency

All AqlHR data is stored exclusively in Saudi Arabia. We use enterprise-grade data centers in Riyadh with:

  • • 99.99% uptime SLA
  • • Redundant backups
  • • Disaster recovery
  • • Physical security controls

Security FAQ

Is AqlHR PDPL compliant?

Yes, AqlHR is fully compliant with Saudi Arabia's Personal Data Protection Law (PDPL). We implement all required data protection measures including consent management, data subject rights, and breach notification procedures.

Where is AqlHR data stored?

All AqlHR data is stored in Saudi Arabia with data residency guarantees. We use enterprise-grade data centers in Riyadh to ensure your data never leaves the Kingdom.

How does AqlHR protect employee data?

AqlHR uses AES-256 encryption for data at rest and TLS 1.3 for data in transit. We implement role-based access control, audit logging, and regular security assessments to protect employee data.

Does AqlHR provide audit logs?

Yes, AqlHR maintains comprehensive audit logs of all system activities including data access, modifications, and administrative actions. Logs are retained for 7 years to meet regulatory requirements.

What certifications does AqlHR have?

AqlHR is designed to meet ISO 27001 security standards and SOC 2 Type II requirements. We undergo regular third-party security assessments and penetration testing.

How does AqlHR handle data deletion requests?

AqlHR supports PDPL data subject rights including the right to deletion. Upon verified request, we can delete personal data within 30 days while maintaining required legal records.

Is AqlHR's AI secure?

Yes, our AI systems are designed with security in mind. AI models are trained on anonymized data, and we implement strict access controls to prevent unauthorized access to AI-processed information.

Does AqlHR share data with third parties?

AqlHR does not sell or share your data with third parties for marketing purposes. Data is only shared with government systems (GOSI, Qiwa) as required for compliance, with your explicit consent.

Questions About Security?

Our security team is ready to answer your questions and provide detailed documentation.