Empuls maintains a formal Information Security Policy document — titled “Xoxoday - Information Security Policy” — that administrators can share with employees as a direct link or attachment within the platform.
Sharing a Policy in Empuls
When employees, auditors, or new joiners ask where to find the company’s data-handling standards, Empuls gives administrators a clear path to the right document. The official reference is the Xoxoday - Information Security Policy, which outlines how employee data is collected, processed, stored, and protected across the platform. Admins can share this document by copying the direct document link and distributing it through any internal channel — whether that’s a pinned announcement in Empuls, a notification pushed via Slack or Microsoft Teams, or embedded in an onboarding checklist inside the platform.Why the Information Security Policy Matters
Empuls processes sensitive HR and people data, including recognition activity, reward redemptions, and integration data pulled from systems such as Workday, SAP SuccessFactors, and Darwinbox. The Information Security Policy sets out exactly how that data is governed, giving HR and IT teams a single authoritative document to point employees, vendors, and auditors to. The policy reflects Empuls’s alignment with internationally recognised frameworks. Xoxoday holds certifications including ISO 27001 and SOC 2 Type II, meaning the controls described in the policy have been independently verified. Sharing this document proactively — particularly during onboarding or annual compliance reviews — helps organisations demonstrate due diligence without extensive back-and-forth with your security or legal team.Practical Example
Consider an HR team rolling out Empuls to a 500-person organisation using Darwinbox as their core HRIS. During onboarding, the admin pins a platform-wide announcement in Empuls that includes a direct link to the Xoxoday - Information Security Policy. Employees who have questions about how their data flows between Darwinbox and Empuls can immediately read the policy without raising a support ticket. The same link is shared in the company’s Microsoft Teams General channel for maximum visibility. This approach is especially useful ahead of internal or external audits, where employees may need to confirm they have reviewed the security standards governing the tools they use daily.How to Access the Policy Document
To retrieve the link to the Xoxoday - Information Security Policy, navigate to your Empuls admin portal and contact your Empuls customer success representative or refer to the documentation provided during your onboarding. The document is also accessible through the Xoxoday Trust Centre, which surfaces compliance and security artefacts in one place. Once you have the link, you can attach it to any announcement, embed it in a survey or form, or share it as a hyperlink within a reward or recognition programme description — keeping your policy communication structured and auditable. Learn more: Empuls Help Centre — GeneralData Security and Privacy in Empuls
Understand how Empuls protects employee data, including encryption standards, access controls, and certifications like ISO 27001 and SOC 2 Type II.
Admin Settings and Platform Configuration
Learn how to configure platform-level settings in Empuls, including permissions, notifications, and compliance-related options for your organisation.