TalentLoft Compliance Statement

Effective Date: October 30, 2025

1. Overview

At TalentLoft, compliance is integral to our operations, culture, and customer trust.

We adhere to applicable laws, regulations, and industry standards that govern data privacy, information security, and business conduct.

This Compliance Statement outlines the frameworks, laws, and certifications that guide our policies and practices.

2. Regulatory Compliance

TalentLoft complies with the following legal and regulatory frameworks:

a. Data Protection and Privacy
  • General Data Protection Regulation (GDPR) — EU Regulation 2016/679 governing the protection and processing of personal data.

  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) — ensuring transparency, data access, and opt-out rights for California residents.

  • Children's Online Privacy Protection Act (COPPA) — ensuring protection of data related to individuals under the age of 13.

  • CAN-SPAM Act — governing email marketing and commercial communications.

  • Virginia Consumer Data Protection Act (VCDPA) and similar U.S. state privacy laws as applicable.

b. Data Transfer and Sovereignty
  • Compliance with Standard Contractual Clauses (SCCs) for international data transfers under GDPR.

  • Hosting and data storage solutions use geographically appropriate, compliant cloud providers (e.g., AWS, Azure, or Google Cloud) adhering to ISO and SOC 2 certifications.

c. Accessibility and User Rights
  • TalentLoft aligns with the Web Content Accessibility Guidelines (WCAG 2.1) to ensure digital inclusivity.

  • Our user-facing materials adhere to plainlanguage.gov standards and Section 508 accessibility principles for federal clients.

3. Security Compliance

Our security program is based on internationally recognized frameworks, including:

  • ISO/IEC 27001: Information Security Management System (ISMS) principles.

  • SOC 2 Type II: Controls for Security, Availability, and Confidentiality.

  • NIST Cybersecurity Framework (CSF): Risk-based control management.

  • CIS Controls: Technical and operational best practices.

We maintain continuous monitoring, periodic audits, and formal risk assessments to ensure our controls remain effective and up to date.

4. Ethical and Corporate Governance

TalentLoft is committed to ethical business practices and responsible corporate behavior.

We maintain clear internal policies governing:

  • Anti-bribery and corruption prevention.

  • Equal opportunity and fair employment practices.

  • Conflict-of-interest disclosures.

  • Environmental and sustainability awareness.

All employees are required to comply with these policies and complete periodic ethics and compliance training.

5. Vendor and Third-Party Compliance

TalentLoft conducts due diligence on all third-party vendors that process or store data on our behalf.

Each vendor must maintain appropriate security certifications (e.g., ISO 27001, SOC 2) and comply with our contractual and regulatory requirements.

We also require Data Processing Agreements (DPAs) that define responsibilities, confidentiality, and security standards.

6. Audits and Assessments

Our compliance and security controls are periodically reviewed through:

  • Internal audits conducted by our governance and risk management teams.

  • External third-party assessments to validate adherence to industry standards.

  • Penetration testing and vulnerability scans to identify and remediate risks proactively.

7. Continuous Improvement

Compliance is not static.

TalentLoft actively monitors regulatory changes and industry developments to maintain continuous alignment with evolving laws and best practices.

We regularly update our internal policies, training programs, and vendor requirements accordingly.

8. Reporting Concerns and Contact Information

We encourage responsible disclosure of compliance concerns or suspected policy violations.

If you believe a compliance issue has occurred, please contact us confidentially at compliance@talentloft.com.

For general inquiries, please reach us at:

TalentLoft
Email: info@talentloft.com
Mailing Address:
980 Birmingham Road
Suite 501-165
Alpharetta, GA 30004
