Hire employees in 180+ countries

Hire international contractor

Find the best candidates for your team

Retain talents with the best benefits

Work visa & permit services

Explore all our add-ons

Our borderless team and our mission

How we accelerate global hiring

Discover our partner benefits

Platform news and annoucements

Our offices around the world

How we keep your data secure

Shape your global hiring strategy

Global hiring cost insights

Calculate employment cost

security & privacy

Data security and privacy

At Horizons, platform security is the foundation of our products and services. Safeguarding your data and maintaining your trust are our top priorities.

Join 3,000+ companies already hiring with Horizons
APN-Logo_Color

Horizons uses Amazon Web Services (AWS) as its hosting provider.

Our customer data is stored on servers within the European Union, in Frankfurt, Germany.

Horizons complies with the requirements of the EU GDPR, ensuring your data is protected.

We follow state of the art security standards

Horizons uses modern security protocols. All our data is hosted on Amazon Web Services storage platform within the European Union. We use end-to-end encryption for all external network communication.

In addition, we use master-to-master data replication for highly available data storage. Our systems are regularly tested by external penetration testing teams.

gdpr-compliant

100% GDPR compliant

Your employee data is for your eyes only. We go to great length to ensure a fully GDPR compliant payroll process and platform.

We take special care of the data submitted to us during the onboarding process. Both our employees handling the process and customers sign separate confidentiality agreements.

Our commitment to performance and reliability

Please visit our dedicated status page to stay informed about our latest uptime statistics and available data.

On this page, you can find real-time information about our service performance and any ongoing issues. Additionally, you can subscribe to service updates, ensuring you receive timely notifications about maintenance, downtime, and other important announcements.

Uptime

Frequently Asked Questions

The system is hosted on AWS and resides in the Europe (Frankfurt-Germany) Region.

Horizons adheres to all foundational network security (encryption through TLS) on all public networks. We also deploy a WAF that adheres to OWASP security standards and all ingress traffic is monitored through this. We have runtime security scanners that monitor outbound calls to suspicious destinations.

Physical security is maintained by AWS at their data center. More information on AWS’s Security and compliance can be found here.

All transmissions between the customer and the server, as well as with external systems, is secured via end-to-end encryption using TLS. Horizons maintains clear segregation between its testing and production environments. The network of Horizons is isolated from the internet, with the exception of a single point of entry (proxy). Every point within the network adheres to rigorous firewall regulations. Additionally, all accesses to production can be recorded and inspected through the use of a jumpbox.

All internal applications at Horizons undergo rigorous scanning for vulnerabilities using tools like Static Application Security Testing (SAST) and third-party dependency scanners. Horizons aims to maintain an update cadence of N-1 versions for the open-source software it uses, with immediate updates whenever security patches are identified and flagged.

Yes, data is indeed encrypted at rest. This is a standard practice provided by AWS. In addition to that, Horizons’ software also ensures further security by encrypting all personally identifiable information. This guarantees that such data is safely stored in EBS, RDS, and other AWS services.

Any data that is transmitted over public networks is secured through the use of TLS, ensuring encryption while in transit.

Horizons has robust onboarding and offboarding processes in place for all users, bolstered by regular monthly user evaluations and the generation of audit logs. These logs are established to monitor authentication and scrutinize logical system and data access, as well as modifications. Furthermore, system technical occurrences, like errors, are independently tracked and logged.

Horizons mandates the use of Multi-Factor Authentication (MFA) for all members of the support and/or administration team.

Horizons has Disaster Recovery systems and processes to allow replication to another GCP region, initial backups and notification to the Customer base. In the event of impact on payment, backup file may be uploaded to the Customer’s bank to allow payment.

To view our latest uptime and available data you can visit our dedicated status page at https://status.horizons.com and subscribe to receive service updates.

Once the offboarding process is completed, personal data files are stored in compliance with the relevant laws and for the minimum necessary duration. Following this period, all personal data is completely deleted. It is upon the Customer to maintain and create separate backups of any personal data it has provided, for its own record-keeping purposes.

Horizons only stores customer data for the sole purpose of performing its responsibilities as global employment service provide. In cases where a data deletion request is made, Horizons initiates an automated deletion process, which can be triggered via its support channel. This can be directly addressed to support@joinhorizons.com.

Any service data that is kept afterwards is anonymized and irreversibly stripped of any personally identifiable information or other customer identifiers.

All sub-processors, which include local payroll providers, law firms, and third-party employment partners, must sign legal agreements with Horizons. These agreements contain necessary security provisions, including suitable clauses pertaining to international transfers. As part of Horizons’s procedures, a review of a sub-processor’s security credentials is conducted to confirm adherence to industry-standard security practices.

The environment is designed to manage access and any changes are carefully controlled and tested. All Horizons employees who operate the applications undergo comprehensive training, including security instruction. Further measures, such as the encryption and management of shared documents via Microsoft 365, are implemented to lessen the risk of unintentional disclosure of personal data.

In the context of the Horizons global human resources services, Horizons serves as the data controller, downstream partners act as data processors, and the Customer is considered the data subject. If the Customer elects to use Horizons as their human resources platform provider, Horizons will gather employee data to carry out payroll and other human resources services.

logo-1

What to expect when you connect with Horizons

Recruit, hire and pay remote
teams without a local entity

We respect your data, and process it according to our Privacy Policy