We build AI that's accountable by construction. Our flagship, TrueNorth, is gated by 1,800+ automated tests and evals that run in CI on every change — including an LLM-as-judge suite that grades the AI's résumé parsing and candidate-matching against an independent model as part of our release process. Identity data is encrypted at rest, never returned in cleartext, and every deliberate access is logged. Access is governed by a five-tier role hierarchy, a data-integrity registry reconciles production every morning, and each customer runs fully isolated from our own operations.
Our flagship, TrueNorth, is gated by 1,800+ automated tests and evals. CI blocks merges until both a deterministic suite and a database-bound suite — run against a real, ephemeral Postgres — pass.
An independent model grades the AI's outputs — résumé parsing, JD parsing, skill equivalency, and match scoring — so the model under test is judged by another model, run as part of our release process.
Every product we ship to a client is eval-gated, with CI on each deploy.
Identity PII (SSN, date of birth) is encrypted at rest using rotation-ready keys provisioned per instance — never stored in code.
Only a masked last-4 is ever surfaced, and cleartext is never returned by the API.
All traffic runs over HTTPS/TLS, and stored data is encrypted at rest.
Super-admin, delivery head, account manager, senior recruiter, and junior recruiter — enforced at the API over JWT auth with bcrypt-hashed passwords. Destructive actions are restricted to the top role.
Every deliberate view, export, or decrypt is recorded — who, which fields, what action, when, and the source IP.
The same rules run two ways — as a CI gate, and as a daily production reconciliation at 08:00 IST that surfaces any drift to our error-monitoring before work hours.
Every check is a pure read — it never mutates your data.
Each customer runs single-tenant — a separate deployment, a separate database, and separate object storage. A client's data never shares a tenant with TrueTech's own staffing operations. That's the direct answer to “but you're also a staffing company.”
One codebase serves the US–India corridor via a region flag — not a fork — with a CI regression gate that guarantees existing-region behavior stays byte-for-byte unchanged.