Security

Markyto EMS is built for agencies that handle sensitive employee, client, and project data. Security is embedded in our multi-tenant architecture.

TLS encryption Data encrypted in transit between browsers, mobile apps, and our cloud services.

Multi-tenant isolation Every query is scoped by company_id so tenant data stays separated at the application layer.

Role-based access Granular permissions for admins, HR, project managers, employees, and clients.

Audit trails Sensitive writes are logged for traceability across HR, projects, and AI-assisted actions.

PIPEDA (federal) Privacy practices aligned with Canada's federal private-sector privacy law.

Quebec Law 25 Controls for Quebec private-sector organizations handling personal information.

BC PIPA Alignment with British Columbia's personal information protection requirements.

CASL Commercial electronic message compliance for email and outreach automation.

Enterprise LLM controls Organizations supply their own AI credentials; activity is auditable and policy-aware.

Security questions or responsible disclosure: hello@markyto.com.