Security at Yoetz.ai
Built for enterprise HR teams who need confidence that their platform credentials and configuration data are handled with care. Here is exactly what we do.
Read-only by design
Yoetz.ai connects to your HR platform to read configuration data only. It cannot modify records, submit transactions, or alter any settings. Every outbound connection is enforced at the code level — write operations are blocked regardless of the credentials provided.
Credentials encrypted at rest
Your HR platform credentials are encrypted using AES-256-GCM before they are stored. The encryption key is held separately from the database. Credentials are decrypted in memory only at scan time, used solely to obtain a short-lived OAuth access token, and never logged or forwarded to any third party.
OAuth 2.0 for all platform connections
Yoetz.ai uses OAuth 2.0 for every HR platform integration — refresh token flow for Workday, SAML 2.0 Bearer for SAP SuccessFactors, and IDCS Client Credentials for Oracle HCM. Access tokens are short-lived and discarded after each scan.
Minimal data, masked at the source
Yoetz.ai does not read employee personal records, payroll data, salary figures, or benefits enrollments. Where user identifiers appear in configuration data (such as integration service account names), they are masked before any analysis or storage. Approver identifiers are discarded entirely.
Full audit log of every API call
Every call Yoetz.ai makes to your HR platform is recorded — what endpoint was called, when, and the HTTP response code. Logs are retained for 90 days and are available to your account administrator. This log is designed to satisfy Workday Design Approved and SAP ARC compliance review requirements.
Encrypted in transit
All connections use HTTPS with TLS 1.2 or higher. HTTP Strict Transport Security (HSTS) is enforced on all engine endpoints. Yoetz.ai is hosted on Cloudflare (web) and Railway (scan engine), both of which enforce TLS at the platform level.
Your data stays yours
Each customer account is fully isolated at the database level using row-level security. No tenant can access another tenant's credentials, scan results, or audit logs. Concurrent scans for different accounts are isolated at the engine level and cannot share state.
Sub-processors
Yoetz.ai uses the following infrastructure providers:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database hosting | AWS us-east-1 |
| Railway | Scan engine hosting | US |
| Cloudflare | Web application | Global edge |
| Anthropic | AI summary generation (findings only — no raw HR data) | US |
A Data Processing Agreement (DPA) is available on request for customers who require one for GDPR compliance.
Partner program alignment
Yoetz.ai is designed to meet the technical requirements of the Workday Innovation Partner program and SAP PartnerEdge Build Application Readiness Check (ARC). Our security architecture, data flow documentation, and incident response procedures are available to Workday and SAP partner review teams upon request.
Security questions?
If you have a security concern, vulnerability report, or need documentation for a compliance review, contact us at:
We aim to respond to all security inquiries within 1 business day.