HR Data Security on Salesforce

Full Protection for Your HR Data

Keep your HR data safe with enterprise-grade security tech. flair is built on Salesforce, so you can comply with GDPR, SOC 2, and more.

Proactive Data Protection

flair undergoes regular security reviews as part of our partnership status and benefits from Salesforce’s robust security framework, designed to protect data at every level.

Yearly Salesforce security audits

As a solution on the AppExchange, flair is subject to detailed Salesforce security audits.

Best-in-class security model

Salesforce employs a comprehensive data security structure with multiple layers.

Data sovereignty provisions

Salesforce provides ways for global businesses to fulfill data sovereignty obligations.

Additional data shield monitoring

Salesforce Shield offers flair users extra safety with event monitoring and Field Audit Trail.


Harald Mayer

CPO and Co-Founder

HQ Munich

Salesforce DevOps

Customer Since 2022

Read success story

“Having an HR platform on Salesforce is a no-brainer to us because it allows us to leverage our Salesforce knowledge to do integrations and to enhance processes.”

Data Encryption

Shield-Protect HR Data

Salesforce provides encryption mechanisms to safeguard data both at rest and in transit. Shield Platform Encryption on Salesforce secures data with 256-bit AES encryption.

  • Safeguard HR docs or other files and attachments
  • Encrypt a wide range of standard and custom fields
  • Manage and rotate encryption keys for greater control
Security Automation

Flexible Security Management for Company HR

Salesforce deploys a number of automated security measures that identify and respond to security incidents in real-time.

  • Benefit from human and AI threat detection
  • Automatically track changes using audit trail settings
  • As an admin, health check your Salesforce security configurations
Customizable Security

Role-Based Access Control

Role-based user access control ensures data security by defining access levels based on positions within your company. Use permission sets for more granular security customization.

Data Sovereignty

Compliance-Driven Data Storage

With Salesforce services such as the Hyperforce EU Operating Zone and a network of global data centers, flair users can rest assure knowing their data is in full compliance with local data protection and sovereignty standards.


Integrations To Elevate Your HR

Frequently Asked Questions

What does it mean to be a Salesforce native HR solution?

Being a Salesforce native HR solution means flair operates within the Salesforce eco-system. Users can efficiently manage their HR and recruitment tasks utilizing the highly customizable features, robust data management capabilities, and broad integration options offered by the world-leading CRM platform.

flair is available on the Salesforce AppExchange. The AppExchange is an app store for Salesforce users, where they can find and install solutions that extend their Salesforce experience.

To be on the AppExchange, flair is built to meet Salesforce's high standards for quality, security, and performance. This means users can trust flair to deliver a reliable and scalable HR solution that aligns with Salesforce's best practices and guidelines.

Is my data safe with flair?

As flair is built on the Salesforce platform, it inherits the same high level of security protection provided by the world’s leading CRM. flair HR users’ data is stored and processed within the Salesforce environment. This helps you comply with data residency and data sovereignty rules.

Some of the top security benefits of a Salesforce-native platform like flair include Salesforce Shield Platform Encryption both at rest and in transit, multi-factor authentication, data loss prevention measures, and security audits to ensure compliance with various industry standards and regulations such as ISO 27001, SOC 2 Type II, and GDPR.

What is data sovereignty?

Data sovereignty refers to the concept that data is subject to the laws and regulations of the country in which it is collected, processed, and stored. For example, many countries have strict regulations regarding the handling of personal data, especially sensitive information such as employee records. Adhering to data sovereignty ensures compliance with these regulations, avoiding legal consequences and penalties.

Salesforce recognizes the significance of data sovereignty for global businesses and offers solutions to help them comply with various regulations. For instance, Salesforce introduced the Hyperforce EU Operating Zone in early 2023 specifically for companies handling customer data within the EU. This service establishes three availability zones located in EU data centers and provides EU-based customer support and technical assistance. Additionally, outside of Europe, Salesforce operates data centers in the USA, UK, and Japan, along with availability zones in the Asia Pacific region, the Americas, and the Middle East. Thanks to Salesforce's data sovereignty provisions, flair users can enjoy compliance with local laws as well as global regulations.

What is a Salesforce security health check?

A Salesforce security health check is a comprehensive assessment conducted within the Salesforce platform to evaluate an organization's security setup. A summary score indicates how your organization compares to a security baseline, such as the Salesforce Baseline Standard. You can upload other custom baseline standards if you wish.

The process involves reviewing various aspects of security configurations, settings, and user access controls to identify potential vulnerabilities, misconfigurations, or areas for code improvement. For example, assessing authentication methods and single sign on configurations can ensure that user credentials are adequately protected and that access to Salesforce is properly authenticated.

Visualforce pages often handle sensitive data and interact with various Salesforce functionalities. So, reviewing Visualforce code can help identify potential security weaknesses for threats like injection attacks. For more information on Salesforce security health checks check out this Salesforce support page.

What is Salesforce Shield Encryption?

Salesforce Shield Encryption employs advanced encryption techniques to safeguard sensitive HR data stored within the platform. This includes encrypting data "at rest" – when it's stored in databases – as well as "in transit" – when it's being transferred between users or systems.

This type of encryption allows organizations and HR departments to protect sensitive information such as employee personal details, salary records, and performance evaluations. Encryption assists organizations in complying with data regulations such as the US Health Insurance Portability and Accountability Act (HIPAA) and the European Union General Data Protection Regulation (GDPR), which recommends such information security. Salesforce Shield Encryption also offers auditing and monitoring capabilities, enabling administrators to track access to encrypted HR data and monitor changes to encryption settings

The Bring Your Own Key (BYOK) feature of Shield Platform Encryption provides an additional safeguard in the event of unauthorized access to essential data, enhancing protection levels. For more information on Salesforce Shield Encryption, check out the Salesforce website.

Book Your Personal Demo

Ready to see how your organization will thrive with flair? Get in touch with us to discuss your needs and see how flair can help you achieve HR harmony.

Take a tour of flair tailored to your top priorities

We’ll support you throughout the process

Request a Demo
people on banquet