Atlas HR

Atlas HR Trust Center

Security, privacy, and AI boundaries for HR teams.

HR systems hold sensitive employee data. Atlas HR treats access control, auditability, privacy, responsible AI, and regional compliance as core product requirements rather than procurement afterthoughts.

Start a secure workspaceContact security

Employee data protection

Atlas HR is designed around workspace membership, role-based permissions, service-role separation, and secure handling of employee records, documents, leave, payroll, performance, and case data.

AI with human review

Atlas AI assists with HR drafting, research, compliance review, and workflow guidance. It should not replace qualified HR, legal, payroll, tax, or employment counsel for high-risk decisions.

Audit-ready workflows

The platform includes audit log foundations, workflow records, approval states, document history, and admin controls so HR decisions can be reviewed later.

Regional compliance awareness

Atlas HR supports country-aware content and workflows for Nigeria, India, the UK, and the US, with review notes and counsel checkpoints where local rules matter.

Current controls

What Atlas HR already has in place.

These controls are product and codebase foundations. Formal security certifications, legal review, and procurement documents should be completed before enterprise launch.

Authentication through Supabase Auth
Role-based workspace access
Row-level security policies for org data
Audit logs for admin-sensitive activity
Webhook signature verification for payments
Cookie consent and privacy controls
Document retention and deletion foundations
AI legal-review warnings for high-risk answers

Responsible AI

Atlas AI is an assistant, not the final decision maker.

AI output can be incomplete, outdated, or jurisdiction-sensitive. Atlas HR should keep human approval, source review, and legal escalation visible in document generation, compliance answers, employee relations, and termination workflows.

Trust roadmap

What to finish before serious enterprise selling.

  • Published subprocessor register with regions and purposes
  • SOC 2 readiness evidence pack
  • Customer-facing data export and deletion request workflow
  • AI prompt/data retention disclosure by feature
  • Security questionnaire download for procurement
  • Incident status and breach communication runbook