Data Protection and Security | Kenjo

Your most frequently asked questions answered

We want you to trust us on your journey to transform your HR department. That's why we secure and protect your data with complete transparency by implementing and developing organizational measures that comply with international standards and regulations. To keep your data secure, we not only apply best practices that comply with the European General Data Protection Regulation (GDPR), but also process your data in high-security data centers that have the appropriate security certifications.

Backups & Recovery

  • Kenjo's database creates backups with all data every 6 hours. Each of these backups is kept for 2 days according to Kenjo's retention policy.

  • Kenjo has security measures in place to prevent data breaches. In the event that a data breach occurs, the Incident Response Protocol provides for the use of all resources to determine the nature and extent of the incident.

  • Kenjo processes your data on behalf of your organization. This means that Kenjo is required by law to notify your organization of any data breach involving your personal data.

General information

Does Kenjo have an appointed data protection officer (DPO)?

Does Kenjo follow international standards and regulations in order to keep my information safe?

Can I conclude a Data Processing Agreement with Kenjo?

Is everyone in Kenjo familiar with legal requirements on data protection?

How can I report security vulnerabilities?


  • Kenjo conducts penetration tests on an annual basis. The results are always published in a timely manner.

  • Kenjo conducts audits every year to verify safety.

Authentication & Access Control

Who has access to my data in Kenjo?

How does user authentication work?

Does Kenjo support the configuration of passwords?

What authorization roles are available within Kenjo?

Purpose Limitation

  • The data will only be stored as long as you are a customer of Kenjo and the legal retention periods do not conflict.

  • If a contract is terminated, your data will be deleted after the expiration of the contractual relationship, unless there are legal retention periods to the contrary. After expiration of any retention periods, this data will then be deleted.


What type of data does Kenjo collect?

What will happen with candidate data during the recruiting process?

How is data encrypted?

Are Kenjo passwords encrypted?

How are passwords encrypted?

Where are Kenjo’s data centers located?

Integration Options