Protecting candidate and employer data is a foundation of how we build Ajira Next. This page summarises the practices we follow and how to report a concern.
All traffic is served over HTTPS with TLS 1.2 or higher. Stored data — including profiles, CVs, and application history — is encrypted at rest by our managed database provider.
Sign-in is handled by Supabase Auth with industry-standard password hashing and OAuth providers. Administrators access internal data only through role-based controls audited on every request.
Card and mobile-money transactions are processed by certified providers (Paystack and Safaricom Daraja). We never store full card numbers on our servers.
Production systems are monitored continuously. Any verified incident affecting customer data is investigated, contained, and disclosed in line with applicable data-protection laws.
If you believe you have found a vulnerability or have a question about our security practices, please get in touch so our team can investigate quickly.
Protecting candidate and employer data is a foundation of how we build Ajira Next. This page summarises the practices we follow and how to report a concern.
All traffic is served over HTTPS with TLS 1.2 or higher. Stored data — including profiles, CVs, and application history — is encrypted at rest by our managed database provider.
Sign-in is handled by Supabase Auth with industry-standard password hashing and OAuth providers. Administrators access internal data only through role-based controls audited on every request.
Card and mobile-money transactions are processed by certified providers (Paystack and Safaricom Daraja). We never store full card numbers on our servers.
Production systems are monitored continuously. Any verified incident affecting customer data is investigated, contained, and disclosed in line with applicable data-protection laws.
If you believe you have found a vulnerability or have a question about our security practices, please get in touch so our team can investigate quickly.