Empuls does not operate in or provide services to Syria, Iran, Lebanon, Cuba, Somalia, Libya, Sudan, North Korea, or Crimea, in full compliance with applicable international sanctions laws and regulations.
Sanctioned Country Policy
Xoxoday Empuls maintains a strict policy of not operating in or providing services to sanctioned regions. These regions include Syria, Iran, Lebanon, Cuba, Somalia, Libya, Sudan, North Korea, and Crimea. This policy reflects Empuls’s binding commitment to comply with international trade regulations, including those enforced by the U.S. Office of Foreign Assets Control (OFAC), the European Union, and the United Nations.Why This Matters for Your Organization
Companies operating globally face increasing scrutiny over every vendor in their technology stack. Engaging with a vendor that operates in sanctioned jurisdictions can expose your organization to significant legal and financial penalties — even indirectly. By choosing Empuls, HR and People teams can be confident their employee recognition and rewards programs are backed by a vendor that operates within clearly defined legal boundaries. This is especially relevant for organizations running integrated HR stacks. When Empuls is connected to systems like SAP SuccessFactors, Workday, or Darwinbox, employee data and reward disbursements flow across those integrations. Empuls enforces geographic restrictions at the service level, which means your compliance team does not need to build additional controls around reward program geography.How Empuls Enforces Compliance
Empuls implements access and service restrictions that prevent onboarding, account creation, or reward delivery in prohibited jurisdictions. These controls are embedded in Empuls’s operational and legal framework — not treated as an afterthought. Empuls holds ISO 27001 and SOC 2 Type II certifications, both of which require documented risk management processes. Compliance with international sanctions law is part of Empuls’s broader risk posture, reviewed regularly alongside data privacy and security obligations.What This Means in Practice
If your organization operates in countries adjacent to sanctioned regions — for example, teams in Turkey, Jordan, or Egypt — you can deploy Empuls without concern. The restriction applies only to the sanctioned regions themselves, not to neighboring countries. Empuls serves employees across more than 160 countries where it is legally authorized to operate. For organizations using Empuls alongside communication tools like Slack or Microsoft Teams, reward notifications and recognition workflows are only triggered for users in permitted geographies. This removes the burden of manual geographic monitoring from HR administrators. If your legal or procurement team requires documentation as part of a vendor assessment, Empuls provides sanctions compliance policy statements and data processing agreements to support that process. Learn more: Empuls Help Centre — Legal RiskISO 27001 & SOC 2 Certifications
Understand the security certifications Empuls holds and what they mean for your compliance and vendor assessment program.
Data Residency & Storage Locations
Learn where Empuls stores employee data and how data residency options support your regional regulatory requirements.