Security Hero Compressed with Squares
Security Hero Compressed with Squares

Security and privacy reflected at all levels

At Crunchr, we take your data security and privacy seriously. Built on the latest best practices, our platform ensures robust identity and access controls, regulatory compliance, assurance through annual audits, pentesting by reputable third-party firms, advanced authorization models, data anonymization algorithms, and anonymity thresholds.

Security Hero Compressed with Squares


Crunchr leverages HR domain knowledge to deliver advanced workforce reporting, HR dashboards and people analytics, all while ensuring best in class privacy, security, and regulatory compliance. We ensure accurate data with automated validation, correcting and augmenting inconsistent or missing information. With unmatched security, scalability, and functionality, Crunchr is the most reliable foundation for people insights.

Functionality Trial V1.3


Our defense-in-depth approach ensures strict separation of components on dedicated and isolated virtual private servers per customer in a single-tenant model. Availability and security monitoring detects potential performance issues and attacks 24/7. No complex middleware is needed for HR system integration. Horizontal scalability ensures high availability and a snappy user experience with no downtime or extra cost.


Crunchr ensures authorized access to production data, using continuous delivery and automated deployment for operational processes. Development and production environments are separate, using only generated test data. Data is encrypted in-transit and at-rest. Periodic immutable and encrypted backups are automatically performed and securely stored off-site. Role-based access control and selective anonymization safeguard data access. Secure disposal upon decommissioning ensures data protection.

Hero image with crunchr product pictures


The Crunchr Platform is hosted entirely in the cloud (SaaS) using certified Hosting Service Providers (IaaS) in modern world-class data centers in Europe (EU) and the United States (US). Customers have the choice of which region their data is stored in. Crunchr guarantees their data is stored in the chosen region and never leaves that region. A full and detailed Sub-processor list is available on request to prospects and customers.

Location V1.4


Crunchr adopts a three-lines-of-defense model: daily operations, risk management, and internal audit. All employees are government-screened, recruited from top universities, with M.Sc. or Ph.D. qualifications in computer science or related fields. Our experienced leadership team includes former security executives from ING Bank and Volksbank, with extensive knowledge of European and American regulated industries and global security.

Organization Section V1.2


Crunchr is fully compliant with the stringent European GDPR and American CCPA/CPRA regulations and hence provides rich functionality around data anonymization, protection and access. Crunchr’s designated Data Privacy Officer (DPO) oversees privacy compliance and is registered with the Dutch Data Protection Authority. Several European banks and American insurance companies are customers that have chosen Crunchr specifically because the solution can deliver to their corporate policies and the regulatory requirements of their highly regulated industries.



Crunchr is audited on a yearly basis to the SOC2 standard for service organizations by the audit firm 2-Control, to ensure all required technical, procedural, and organizational controls are in place, effectively used, and maintained. A yearly penetration test is performed by reputed firm Zolder to have a realistic assessment of vulnerabilities in the solution in relation to real-life threats; issues found are quickly resolved. Both the SOC2 and the penetration test report are available on request.

Security vulnerability policy graphic.

Vulnerability Disclosure

Crunchr takes security and privacy very seriously and investigates all reported vulnerabilities. Despite the effort we put into the security of our services every day, vulnerabilities can still be present. Read more about our practice for addressing potential vulnerabilities in any aspect of our services.

Identity and Access

Crunchr requires strong passwords and supports Multi-Factor Authentication (MFA/2FA) and Single Sign-On (SSO) using the customer’s existing Active Directory (AD) or Azure AD. The Crunchr Platform ensures that the right access controls are always in place through an advanced, fine-grained, and highly configurable Role-Based Access Control (RBAC) authorization model. This ensures users can only access resources and can only see the data (sub)set they are authorized for.

Book a Demo

Crunchr is one solution for people analytics, HR dashboards, and strategic workforce planning. It provides you with the relevant insights into your workforce, empowering your entire team to make better, data-driven decisions. With its lightning fast implementation, you can start leveraging Crunchr to meet your top priorities within weeks.