// Trust & Security Report

    Tiplinks Inc. logo

    Tiplinks Inc.

    Fetcher: AI-powered talent sourcing and recruitment platform for recruiters and hiring managers to identify, engage, and source candidates at scale.

    Certifications held

    2

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type 2
    HELD

    Fetcher holds SOC 2 Type 2 certification, which evaluates adherence to five trust service principles: security, availability, processing integrity, confidentiality, and privacy. CTO Jeremy Martin states: 'At Fetcher, we recognize the importance of data security and privacy. This certification isn't just a badge—it's a living testament to our commitment to prioritizing your robust security and governance requirements.'

    Verify on fetcher.ai
    GDPR Compliance
    HELD

    Fetcher states it is '100% compliant' with GDPR. The company operates under EU-U.S. Data Privacy Framework (DPF), UK Extension to the EU-U.S. DPF, and Swiss-U.S. Data Privacy Framework. Fetcher uses Standard Contractual Clauses issued by the European Commission for personal data transfers and commits to responding to data erasure requests within 72 hours.

    Verify on fetcher.ai
    > Show 3 unconfirmed / not-held certifications
    ISO 27001
    NOT CONFIRMED

    No public evidence of ISO 27001 certification found in vendor domain or available documentation.

    source: rankiteo.com
    HIPAA
    NOT CONFIRMED

    No public evidence of HIPAA compliance. HIPAA is not mentioned in vendor's privacy policy, terms, or trust documentation. Fetcher is a recruitment platform, not a healthcare tool, and outside HIPAA's scope.

    source: fetcher.ai
    PCI DSS
    NOT CONFIRMED

    No public evidence of PCI DSS certification in vendor documentation.

    source: fetcher.ai

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Offered

    Data region

    AWS (Amazon Web Services) - vendor states 'meets rigorous international security standards' but specific regions not publicly documented

    Terms of Service do not explicitly address whether customer data is used to train AI models. Terms permit data transfer to third-party integrations (ATS, CRM, email) when subscribers authorize, but no statement on internal AI training practices. Recommend contacting vendor for explicit clarification.

    // Security controls

    Encryption at rest

    AES-256 encryption for all data at rest; talent lead data encrypted with unique key per record

    help.fetcher.ai

    Encryption in transit

    HTTPS/TLS for data in transit (standard practice, confirmed by GDPR compliance statement)

    fetcher.ai

    Password security

    Industry-standard hashing and salting using bcrypt

    help.fetcher.ai

    Infrastructure

    Amazon Web Services (AWS) with continuous security audits and geographically distributed compliance certifications

    fetcher.ai

    Data subject rights response

    Data erasure requests responded to within 72 hours; unsubscribe and objection requests honored for direct marketing

    help.fetcher.ai

    Incident response

    SOC 2 Type 2 certification includes ability to detect and respond to security incidents or system failures quickly and effectively

    fetcher.ai

    Responsible disclosure

    Responsible Disclosure policy available for security researchers

    help.fetcher.ai

    // Products & data scope

    Fetcher (core platform)Talent Sourcing / Recruitment AI

    data: Professional candidate data (job history, skills, LinkedIn profiles) sourced from professional networks and third-party vendors; candidate data retained for one year with annual updates; customer contact information retained during contract validity

    AI-powered platform for recruiters and hiring managers to identify, screen, and engage candidates. Integrates with ATS, CRM, email, and Slack. Supports both inbound and outbound sourcing workflows.

    // What to watch

    • No ISO 27001 certification (not uncommon for growth-stage SaaS, but common for enterprise procurement)
    • AI training posture on customer data not explicitly documented—terms permit third-party integrations but do not address internal model training. Recommend vendor clarification for procurement due diligence.
    • No dedicated trust center; compliance information distributed across privacy policy, help docs, and blog posts (minor operational concern, not a security concern)
    • No HIPAA or PCI DSS compliance (appropriate for recruitment use case, but may limit enterprise sales in healthcare/payments sectors)

    // At a glance

    Pricing model

    Subscription-based SaaS (specific tiers not detailed in available docs)

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Tiplinks Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    fetcher.ai

    > Browse all vendor trust reports