// Trust & Security Report
Beamery Inc.
AI-Powered Workforce Transformation Platform
Certifications held
9
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on beamery.com“Beamery has been continually ISO 27001-certified since 2020.”
Verify on trust.beamery.com“SOC 2 Type II — An independent assessment issued annually that evaluates controls systems against AICPA Trust Services Criteria. Certifications and Reports: SOC 2 Type II, SOC 2 Type 2 Bridge Letter”
Verify on beamery.com“Beamery, the AI platform for workforce transformation, has announced it has achieved ISO 42001 certification, the world's first international standard for Artificial Intelligence Management Systems.”
Verify on beamery.com“Beamery is in full compliance with General Data Protection Regulation (GDPR) and has specific tools and processes to help customers in their own compliance with GDPR requirements.”
Verify on beamery.com“Beamery is certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension and the Swiss-U.S. Data Privacy Framework.”
Verify on trust.beamery.com“CCPA COMPLIANT — Compliant with California Consumer Privacy Act to protect personal information across the US.”
Verify on beamery.com“Obtaining this certification is a key milestone for Beamery. It reinforces our commitment and investment in our privacy practices globally. (Nicolette Nowak, DPO, Beamery) — Certified January 2022, recertified annually.”
Verify on beamery.com“CSA STAR Level 1 — Beamery self-assesses biennially against the Cloud Security Alliance framework, with results verifiable at their registry.”
Verify on trust.warden-ai.com“Beamery uses Warden AI to provide third-party assurance over its AI systems. Our platform continuously audits for bias and other risks, giving ongoing visibility into fairness, compliance, and system behavior.”
> Show 1 unconfirmed / not-held certifications
source: beamery.comNo HIPAA certification or BAA offering found on the security page, trust center, or privacy policy. Beamery serves HR/talent use cases, not healthcare.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
EU or US at customer election; data may also be stored in UK, Australia, and countries where affiliates operate
Beamery explicitly does not use PII or customer data to train AI. Models were trained on approximately 2 million public people profiles (roles, skills, education, industries). Customer data processed as a processor/service provider is handled only per customer instructions. The privacy policy notes that product improvement and analytics may include AI model training for data where Beamery acts as a controller (its own website visitors), not enterprise customer data.
// Security controls
Penetration testing
Annual; Pentest Report 2025 available on trust center under NDA/access request
trust.beamery.comBug bounty
Self-hosted program (not HackerOne/Bugcrowd); submission via info.beamery.com/bug-bounty-program; reward amounts not disclosed; contact security@beamery.com
beamery.comAccess control
Role-Based Access Control (RBAC); least-privilege principle; data access to customer data is restricted
trust.beamery.comEmployee security training
Annual security, privacy, and compliance training; background checks on all employees
beamery.comDisaster recovery
Annual DR test; RTO 24 hours; Disaster Recovery Test Results 2025 available on trust center
trust.beamery.comSubprocessors
Google LLC (cloud, analytics, Gemini), AWS, Cloudflare (CDN, DDoS protection), Twilio (SMS), SendGrid (email), Segment (analytics), Textkernel/Sovren (resume parsing)
trust.beamery.comAI bias auditing
Monthly continuous audits by Warden AI across sex, race/ethnicity, age, disability, religion, sexual orientation. June 2026 audit: 58 Clear, 0 Concern. NYC Local Law 144 and EU AI Act compliance audits completed.
trust.warden-ai.comAI turn on/off
Customers have the ability to turn AI features on or off within the platform
trust.beamery.com// Products & data scope
data: Processes employee and candidate skills data, workforce composition, market insights. EU or US data residency at customer election.
Core analytics layer aggregating internal HR data with external market signals. Used by executives and HR leaders for strategic planning.
data: Processes workforce data and HR instructions to automate talent decisions. Same data residency options as core platform.
Emerging agentic AI layer; governed by Beamery's Acceptable Use Policy for Generative AI (documented in trust center).
data: Candidate PII, resume data, communication history. EU or US at customer election. Resume parsing by Textkernel/Sovren subprocessor.
AI Talent Match feature audited monthly by Warden AI for bias. Model trained only on public profiles, not customer candidate data.
data: Candidate engagement data, job application data, chatbot interactions. Segment used for analytics.
Includes chatbot functionality and candidate-facing career portals. Candidates can see match scores and career path recommendations.
data: Job descriptions, skills ontology, role data. Used to power skills-based hiring and workforce planning.
Converts unstructured job descriptions into skills frameworks. Integrates with Workday and SAP SuccessFactors.
// What to watch
- HIPAA not claimed — organizations in regulated healthcare-adjacent contexts should confirm before using for healthcare workforce data
- Bug bounty is self-hosted with no publicly disclosed reward amounts; no HackerOne/Bugcrowd listing found
- Segment (Twilio) used for product analytics — candidate page-view and click data flows through US-based Segment infrastructure regardless of EU/US instance choice
- ISO 42001 announced August 2025 — certifying body not named in press release; auditors should request certificate for formal procurement
// At a glance
Pricing model
Enterprise SaaS (contract-based, demo required; no self-serve pricing listed publicly)
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Beamery Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.beamery.com