How we protect your privacy at FairComp
Compensation is sensitive
Few things are as sensitive and confidential as compensation information. Salary, bonuses, and equity are not just numbers; they represent a valuation of one's skills. It is critical to protect this information, especially in an era of constant data breaches.
FairComp provides world-class privacy and security for our users. It’s not just marketing, but a measure of integrity and care for our users. Our approach ensures your most sensitive data is handled with care and kept private, secure, and anonymous.
Here is how we handle your data and think about data security.
Minimizing the data we collect
Our goal is to collect as little information from users as possible, just enough to provide the FairComp pay insights people sign up for.
We collect three kinds of information:
- Pay data: salary/wage information, employer, job title, location
- Personal information: name, email address, years of experience
- Demographic data: gender, ethnicity, age (only if you explicitly opt in)
Pay data: we collect this information to create the compensation reports that help users determine whether they are paid fairly or not. All pay data uploads are stripped of personally identifying information (name, email, etc.). We only store what’s absolutely necessary to create the dataset to help our users.
Identity: to allow users to log in and get notified of updates to industry data, we collect names and email addresses, but this data is intentionally separated from pay data and demographic information.
Demographic information: to support our mission of “fair pay for all,” we ask users to volunteer their demographic information. This is gathered and anonymized so that we can run industry and company-wide pay gap analyses.
Neither pay data nor demographic information is associated with your personal information. Everything is separated and anonymized so we can run statistical analyses. This data is not used for any other purpose.
Securing your data
FairComp has experienced security engineers on the team, and we use industry best practices for security. We emphasize reducing the amount of data we collect (and, therefore, need to protect) and creating layers of security to protect that data (even from us).
Keeping your data anonymous
Our promise is that we’ll never reveal your FairComp usage in any way. We do this in three ways:
- Anonymize: We anonymize the data we gather, so we can’t tell one user’s pay data from another.
- Aggregate data only: We share only aggregated data. We will refrain from posting any data until we have enough data points to keep individual contributions statistically anonymous.
- Encrypt: As you’ll see below, we create a privacy bridge between your user information and sensitive pay or demographic information, and then we encrypt that bridge with your password. This keeps your data secure, even from us.
Preserving your privacy: the “Encrypted Privacy Bridge”
We protect your sensitive data through a methodology we call a “Privacy Bridge,” which means we separate your sensitive data (compensation and demographic information) from your identity (name, email, etc.) and then encrypt the link between the two with your password.
Without knowing your password, we’re not able to trace your compensation data to your user information (e.g. email) - even if we wanted to. Once you’ve set a password, we have no way to de-anonymize your compensation data.
You'll have this enhanced security enabled once you set a password in your settings. At that point, if you want to edit your sensitive data, you may be prompted for your password to temporarily decrypt the bridge, cross it, and edit the data.
What if I lose my password?
If you lose your password, you’ll have to re-input your salary data. It’s an extra step, but we’ve intentionally made the tradeoff to protect your sensitive data.
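The bridge and the lost-password tradeoff described above, sketched in Node.js as an added example; this is not FairComp's code, and the two in-memory stores, the field names, the scrypt parameters and the AES-256-GCM choice are all assumptions made for illustration.

```javascript
// Added example: a password-encrypted "privacy bridge" sketch.
// Store layout, names and parameters are assumptions, not FairComp's design.
const nodeCrypto = require('node:crypto');

const users = new Map();      // identity store: email -> { salt, bridge }
const payRecords = new Map(); // anonymous store: random id -> pay data only

function deriveKey(password, salt) {
  // scrypt makes offline guessing of the password expensive
  return nodeCrypto.scryptSync(password, salt, 32, { N: 16384, r: 8, p: 1 });
}

function sealBridge(email, password, payData) {
  const recordId = nodeCrypto.randomBytes(16).toString('hex');
  payRecords.set(recordId, payData); // no name or email is stored on this side
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const key = deriveKey(password, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(email)); // bind the bridge to this account
  const ct = Buffer.concat([cipher.update(recordId, 'utf8'), cipher.final()]);
  // The identity side keeps only the encrypted pointer, never recordId itself
  users.set(email, { salt, bridge: { iv, ct, tag: cipher.getAuthTag() } });
  return recordId;
}

function crossBridge(email, password) {
  const user = users.get(email);
  if (!user) return null;
  const { salt, bridge } = user;
  const key = deriveKey(password, salt);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, bridge.iv);
  decipher.setAAD(Buffer.from(email));
  decipher.setAuthTag(bridge.tag);
  try {
    const id = Buffer.concat([decipher.update(bridge.ct), decipher.final()]);
    return payRecords.get(id.toString('utf8'));
  } catch {
    // Wrong or lost password: authentication fails and the link is gone,
    // so the user has to submit pay data again under a new bridge.
    return null;
  }
}
```

In this sketch the link stays hidden only while the server retains neither the password nor the derived key; the key exists in memory for the duration of each crossing.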
Why not end-to-end encrypted?
The gold standard for data security is end-to-end encryption, which ensures your data is always encrypted (from creation through transmission, storage, and usage). The tradeoff with e2e encryption is that an app cannot see any of your data, ever.
The core value of FairComp requires showing anonymized, aggregated data to our users. That means we can’t e2e encrypt compensation and demographic data because then we’d be unable to serve users the product they came for.
A privacy bridge encrypted by your password is the best-in-class solution for keeping everyone’s contributions anonymous (even from us) while still providing users with a product that will help people advocate for fair pay.
Are “privacy bridges” a standard practice?
Unfortunately, they’re not. Doing things this way isn’t easy, and most providers of compensation insights haven’t taken the time to build this level of protection into their products.
While many providers appear to have good security practices, they are unable to de-anonymize data (even if they wanted to). It takes commitment.