Please access this document via the main proposal.
Prepared for dfcu Bank IT and Security teams. This document covers infrastructure, hosting, authentication, data security, AI processing, and compliance certifications for the Peopletree Group platform.
The Peopletree platform is hosted exclusively on Microsoft Azure. All data is stored in EU-region data centres, with geographic redundancy and automated failover.
Each client operates in a logically isolated tenant environment. dfcu Bank data is never commingled with other client data, and access is strictly controlled at the tenant boundary.
The platform supports SAML 2.0 single sign-on, enabling integration with dfcu Bank's existing identity provider. Multi-factor authentication is supported and can be enforced at the tenant level.
All data is encrypted at rest and in transit. Access to production data is restricted to authorised Peopletree engineers and is logged and audited.
TAILA (the AI intelligence layer) uses Azure OpenAI Service. All AI processing is stateless - no employee data is retained by the AI model, stored in training datasets, or used to improve the underlying model. dfcu Bank data never leaves the EU Azure region.
Each AI interaction is processed independently. No conversation history, employee profiles, or assessment data is retained by the AI model between sessions.
dfcu Bank employee data is never used to train or fine-tune the underlying AI model. Microsoft's enterprise data protection commitments apply in full.
All AI processing occurs within the EU Azure region. Data does not leave the EU boundary during AI processing, supporting GDPR compliance requirements.
Peopletree Group is SOC 2 Type II certified, independently audited by a third-party firm. The certification covers the Security, Availability, and Confidentiality trust service criteria.
The platform is monitored continuously for availability, performance, and security events. Automated alerts trigger incident response procedures for any anomalous activity.
| Area | Peopletree Group | dfcu Bank |
|---|---|---|
| Platform hosting and infrastructure | Fully managed | No action required |
| Security patching and updates | Fully managed | No action required |
| User access provisioning | Managed via admin portal | HR admin approves user requests |
| SSO / identity integration | Configures SAML connection | Provides IdP metadata and IT support |
| HRIS / payroll data integration | Builds and maintains integration | Provides data access and IT liaison |
| Data ownership | Data processor only | Data controller - owns all employee data |
| Backup and recovery | Automated daily backups | No action required |
| Compliance reporting | Provides SOC 2 report and DPA | Reviews and signs DPA |
For initial technical questions, reach out to Brett who will connect you with the appropriate technical resource.
For detailed technical due diligence, security questionnaires, and IT integration planning, Rob leads the technical team.