Xoxoday Loyalife supports encrypted storage for all sensitive and personally identifiable information (PII), applying AES-256 encryption at rest and TLS 1.2+ in transit across every data layer.

How Xoxoday Loyalife Encrypts Sensitive Data

Xoxoday Loyalife treats PII protection as a foundational requirement, not an optional add-on. Every record that qualifies as sensitive — including employee identifiers, contact details, and financial references — is stored using AES-256 encryption, the same standard used by financial institutions and government agencies worldwide. Data classification drives the level of protection applied, with higher-sensitivity fields receiving stricter controls.

Data does not become vulnerable during transfer. Xoxoday Loyalife enforces TLS 1.2 as a minimum for all data in transit, with TLS 1.3 supported on modern endpoints. This applies to API calls, webhook payloads, and data exchanged with integrated HR and rewards platforms.

Encryption at Rest

At the storage layer, Xoxoday Loyalife applies both volume-level and field-level encryption depending on data classification. Highly sensitive fields receive additional field-level encryption on top of full-disk encryption, ensuring that even a raw database export reveals nothing usable. Encryption keys are managed through a dedicated key management system, rotated on a defined schedule, and never stored alongside the data they protect.

Encryption in Transit

All communication between Xoxoday Loyalife and external systems travels over encrypted channels. When your organisation connects Xoxoday Loyalife to an HRIS such as Workday, SAP SuccessFactors, or Darwinbox, employee roster data — including names, roles, and identifiers — is transmitted exclusively over mutually authenticated TLS connections. Plaintext channels are rejected at the protocol level, with no exceptions for legacy integrations.

Compliance Alignment

Xoxoday Loyalife’s encryption posture is validated against recognised international standards, including ISO 27001 and SOC 2 Type II. ISO 27001 mandates documented controls for cryptographic key management and data classification. SOC 2 Type II audits independently verify that these controls operate effectively over time, not just at a point-in-time snapshot. For organisations in regulated industries such as finance or healthcare, Xoxoday Loyalife’s encryption architecture is designed to support internal compliance programs without requiring bespoke engineering effort from your team.

What This Means for Your Organisation

When your employees’ reward histories, personal details, or redemption preferences are stored in Xoxoday Loyalife, those records are protected end to end. Whether data originates from a Slack-connected recognition workflow or a bulk upload from your HR system, encryption coverage applies uniformly — there is no tier of less-protected data within Xoxoday Loyalife.

Learn more: Xoxoday Loyalife Help Centre — Security

Access Control & Role Permissions

Understand how Xoxoday Loyalife enforces role-based access control to restrict who can view or export PII.

Compliance Certifications

Review Xoxoday Loyalife’s ISO 27001 and SOC 2 Type II certifications and what each audit covers.