The security of your candidate and employee data is of the utmost importance to us. As data processor of your information we understand that the confidentiality, integrity and availability of information are vital to our customers and partners. To protect your information we use an approach based on multiple layers of world class controls and processes.
Security – it’s in our DNA
At Lumesse security is in our DNA. We believe that application development and data processing for our customers and partners can't be separated from a proper security management system. Our security framework is embedded in the way we work and how we service and support our customers.
Our control framework is based on internationally recognized standards (CobIT, ISO 27001). Controls are implemented based on ISO 27002. We have a dedicated Information Security Officer and a formalized governance structure to ensure compliance to internal and external requirements and to maintain management commitment to the highest levels.
Certifications & registrations
We are certified against ISO 27001 for our Lumesse TalentLink and Lumesse ETWeb and Lumesse i-GRasp Services. For our Lumesse ETWeb and Lumesse TalentLink services we have SOC1 Type 2 (ISAE 3402/SSAE 16) reports available for our customers. Control effectiveness is continuously reviewed and improved. We are registered with the data protection authorities and maintain an active Safe Harbor registration for our US American entity.
We have implemented a Business Continuity Management System based on the ISO 2301 best practice standards. Business Continuity plans are maintained and regularly tested throughout our organisation. Our Disaster Recovery plans are tested on an annual basis to ensure effectiveness and to verify recovery times. Lumesse is certified against BS25999 and ISO 22301 for its Lumesse TalentLink and ETWeb services.
We develop and release our applications using strict, formalized processes. Our applications and infrastructure are tested for potential vulnerabilities by internal and external teams on a regular basis. We use specialised third parties to assess our applications, infrastructure and security controls to ensure we maintain market best practices and keep up with changing threats.
View our accreditations and certifications
|View our ISO 27001 certificate for Lumesse TalentLink, Lumesse ETWeb and Lumesse i-GRasp.||Lumesse ISO22301 Business Continuity Certificate||Learn more about Business Continuity Management|
|View the Security Certificate||View the Security Certificate||View the insight|
As a global leader in talent management we know how important data privacy is for your company and for your employees and candidates. Lumesse processes millions of HR transactions through its systems - systems which are protected, structured and organised according to the latest legislation.
The Lumesse Data Protection Forum
Data protection law is not necessarily the most uncomplicated legal matter on earth. In many countries all over the world, data protection is a heavily regulated area – whilst at the same time regulations often differ significantly from country to country. Additionally, there is a global trend to tighten regulation further, and the landscape of data protection laws is changing fast.
Lumesse is dedicated and committed to providing its customers software solutions and services that enable Lumesse’s customers to meet the regulatory challenges they are facing in the area of data protection. For example, we develop and release our solutions using strict, formalised processes. And our solutions and infrastructure are tested for potential vulnerabilities by internal and external teams on a regular basis.
Lumesse constantly monitors the development of data protection laws on a global level. And we also follow a strict, formalised process. For not only being always up to date, but for being always ahead of the game, Lumesse has established a Data Protection Forum which is composed of experts in data protection.
The members of the Lumesse Data Protection Forum are the head of the Lumesse Legal Department, Lumesse’s Information Security Officer, Lumesse’s Data Protection Officer for Germany and Lumesse’s Data Protection Officer for France. They meet on a monthly basis to:
- Monitor the international developments on the field of data protection laws
- Evaluate new projects and processes under data protection laws
- Frequently review existing set-ups and processes with a view to their compliance with data protection laws.
In summary, the Data Protection Forum’s mission is to support Lumesse in designing and maintaining compliant solutions and services for Lumesse’s customers. The Data Protection Forum works closely with stakeholders from all over the Lumesse organisation for making sure its mission is a success.
Safe Harbor Framework
US-EU Safe Harbor is a streamlined process for US companies to comply with the EU Directive 95/46/EC on the protection of personal data.
Lumesse, Inc. complies with the U.S.-EU Safe Harbour Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Lumesse, Inc. has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Lumesse, Inc.'s certification, please visit www.export.gov/safeharbor.
The European Union's Directive 2009/136/EC (the so-called 'E-Privacy Directive', sometimes also called the 'Cookie Directive') has triggered substantial confusion about the legal framework applicable to the usage of so-called Cookies on the Internet. This because it is uncertain what requirements needs to be met under this Directive before a Cookie may be placed on the computer of a person browsing the Internet and visiting websites.
EU Directives regularly do not apply directly to companies and citizens; they rather require from EU member states that these implement the Directives' provisions and regulations into their national laws. Although EU member states were requested to implement the E-Privacy Directive into their national laws until May 2011 at the latest, many EU member states have not yet done so due to the confusion about what the Directive actually requires. And the countries having implemented the Directive so far have not found a common approach; the respective national laws partially differ significantly from each other. The legal discussion about what is 'right' and what is 'wrong' in this context is still going on.
Both according to internal as well as external legal examination, Lumesse' solutions are compliant with applicable legal frameworks in this situation. Lumesse is monitoring this situation closely; in case any new developments should become apparent, it will respond respectively.
US Patriot Act
The US Patriot Act was created post 9/11 to allow the US government significantly increased covert access to data, without a court order. According to common interpretation the act applies to all US headquartered technology companies regardless of where in the world their customer's data is stored, as well as to data being stored in the United States of America. This means that data processed by US headquartered data-processors and/or data being stored in the USA could be accessed by US authorities without the data controller's (the data processor's customer) explicit permission or even knowledge, also when the data-processor's customer is non-US based and if the data is stored outside of the US. Lumesse is European headquartered and has local legal entities around the world, and these entities do not store customer data in the USA.
To support the development of our solutions and our customer operations, our technical services team is responsible for all activities related to the availability and continuity of our solutions and services. For more information about these services, please contact your nearest Lumesse office.
Secure Data Services
Our services are co-located in dedicated spaces in secure, world-class data centres. The data centres are certified and regularly audited by specialised external auditors. Typical characteristics of the data centres include:
- Perimeter defences
- 24-hour manned security, including perimeter inspection
- Video surveillance (CCTV) throughout facility and perimeters
- Strong and strictly monitored access controls
- Fire detection and suppression
- Buildings engineered for weather and flood risks
- Redundant power (including batteries, UPS and diesel generators)
- Redundant connection to multi-carrier internet services
- Infrastructure located in dedicated secure restricted area
- Infrastructure owned and maintained by Lumesse staff
Lumesse uses secure hosting centres in Europe (United Kingdom, Germany, Switzerland and Norway), Singapore, United States and the Republic of China that provide our customers with local, high-performance facilities meeting global standards.
Disaster Recovery Services
Our network and systems are built with redundancy as a fundamental principle. We actively recover from faults at all levels of our architecture. Our disaster recovery capability can handle an extended total loss of access or complete loss of the data centre. We have strict backup procedures and tested disaster recovery plans in place to ensure quick restoration of services with minimal loss of data in case an incident should happen. Disaster Recovery plans are tested on an annual basis to ensure effectiveness and to verify recovery times.
Lumesse offers customers additional Source Code Escrow services via the trusted third party NCC Group. Lumesse offers different services for its product portfolio, such as single-licence agreements and multi-licence agreements. Additionally Lumesse offers data Escrow services for its customers. Under this service Lumesse deposits a copy of the database containing customer information on a monthly basis at NCC Group. NCC Group tests the data for integrity and completeness and ensures availability of the data to the customer.
View our technical service insight papers
Hosting Service description
Technical Service Insight
Disaster service description
Product browser compliancy
From 12 January 2016 Microsoft has ended support for all older version of Internet Explorer. Lumesse are unable to commit to supporting Microsoft’s technology beyond their own support commitment. You can read more about Microsoft’s end of support for older versions of Internet Explorer here.
Therefore during February 2017, with the release of TalentLink 17.1, Lumesse will withdraw support and compatibility testing of Internet Explorer 8 and Internet Explorer 9.
Whilst we do not expect current functionality of Lumesse TalentLink to stop working in Internet Explorer 8 or 9, from February 2017 onwards, any reported issues by users of Internet Explorer 8 or Internet Explorer 9 will need to be reproduced on Internet Explorer 10 or above, or one of our the other supported browsers.
- Lumesse recognises that withdrawing support from mainstream browser versions is inconvenient for our users/customers.
- For each release we will provide information on the browsers and versions that are supported.
- PC browser tests are undertaken using Windows Operating System.
- IMPORTANT – whilst we regularly update the information on this page, we are unable to commit to it being current, correct or complete as the providers of the third party technology (including browsers) that we or you may use for or in connection with our products continue to develop that technology and/or vary the support available for it and, as such, we shall not be liable for any loss or damage howsoever arising (whether in contract, tort, including negligence, by law or otherwise) out of or in connection with the impact of those changes on your ability to enjoy our products.
Withdrawing Support for Browsers
- We aim to continue to support a browser/version for as long as possible. However, if continuing to support a browser/version will adversely affect the use of our products then we will review the continued support of such a browser/version.
- If we decide to withdraw support for a browser/version we will provide 3 months' notice in writing of that decision.
- We review the browsers/versions that we will support whenever we produce a new release of a product.
- We will NOT support new browsers/versions for existing product versions that are generally available.
- Support for new browsers/versions will only be included in new versions of a product.
Lumesse TalentLink and i-GRasp Front Offices
The following table shows which browsers/ versions supported for Lumesse TalentLink and i-GRasp front offices.
|Browsers||Pre Oct 2011||Pre Oct 2011- Oct 2014||Oct 2014 - Nov 2016||Nov 2016 - Present|
|Safari (PC) †||●||●||●||●|
|Safari (Mac) ††||●||●|
- † Indicates latest version of browser at the time of development.
- †† For TalentLink, Safari (Mac) support commenced with v15.0.
Lumesse TalentLink Back Office.
The following table shows which browsers/versions are supported for Lumesse TalentLink.
|TalentLink Back Office|
|Microsoft IE8||● †|
|Microsoft IE9||● †|
- † Microsoft IE8 and IE9 (with compatibility mode) support will cease from February 2017.
- †† Microsoft IE10 support commenced with the release of TalentLink 14.0
- ††† Microsoft IE11 support commenced with the release of TalentLink 14.1
- †††† Safari (Mac) support commenced with v15.0
Lumesse i-GRasp Back Office
The following table shows which browsers/versions are supported for Lumesse i-GRasp.
|i-GRasp Back Office|
- * From 12 January 2016, Microsoft IE8 will not be supported
All Additional Products
Lumesse Mobile Career Site:
The following tables show which browsers/versions are supported for Lumesse Mobile Career Site:
|Browser||Mobile Career Site Back Office|
|Microsoft IE9||● ††|
|Google Chrome||● †††|
- †† With IE8 Compatbility mode.
- ††† Indicates latest version of browser.
|Browser||Mobile Career Site Front Office|
|Android Browser||2.2 and above|
(iOS & Android)
Microsoft IE Mobile version 10
|Firefox mobile version
|Version 16 and above
The following table shows which browsers/versions are supported for Lumesse ETWeb. Exceptions and extra information are indicated by the use of "†" and appear below the table.
|ETWeb 10.3||ETWeb 10.4||ETWeb 10.5||ETWeb 10.6||ETWeb 10.7||ETWeb 10.8||ETWeb 11.0||ETWeb 11.1||ETWeb 11.2||ETWeb 11.3||ETWeb 11.3UP1||ETWeb 11.4||ETWeb 11.5||ETWeb empower Winter 2015||ETWeb empower Summer 2015|
|Firefox 1.5||● ††||● ††||● ††|
|Firefox 2||● ††||● ††||● ††|
|Firefox 3||● ††||● ††||● ††|
|Firefox 6||● ††||● ††|
|Firefox 22||● ††||● ††|
|Firefox 38||● ††|
|Safari 5.x (PC)||● ††||● ††|
|Safari 5.1.7 (PC)||● ††||● ††||● ††|
|iPad (iOS6)||● †|
|iPad (iOS7)||● †|
|iPad (iOS8)||● †|
- †† Not supported for use with OrgPublisher 7.5.
† This update supports key ETWeb features and functionality and enables users to use the system on this specific mobile device. Some users interactions and features are limited due to the nature of the device.
Lumesse ETWeb Mobile
We support iOS (iPhone 4/5) and Android Operating Systems (OSs). The following OS/Browser versions are officially supported for ETWeb Mobile v1.0.
|Mobile v1.0||Mobile v1.1|
|Build-In Browser||Chrome||Safari||Build-In Browser||Chrome||Safari|
- * = SSO only works with iOS 7.0.3 and further iOS versions.
Because the mobile landscape changes rapidly, Lumesse is aware that the minor and major additional OS versions will appear frequently. Lumesse aims to add additional OS/browser versions frequently and will publish a list of the current supported browsers on this page.
Lumesse Learning Gateway
The following table shows which browsers/versions are supported for Lumesse Learning Gateway.
|Google Chrome ††||●||●|
|Safari 5.x (PC)||●||●|
|Safari †† (Mac)|
- † Though our Learning portal does not support IE6, we have an older interface that does.
- † † We always support and test on the newest version of this browser. When a new version is released, we will stop testing on the former version and officially
switch our support after our next full release cycle.
Lumesse CourseBuilder v6
The following table shows which browsers/versions are supported for Lumesse CourseBuilder. Please note that all desktop versions require Flash 9 or later to author or run Flash-version courses.
Flash version only
|Google Chrome 12.x||●||●|
|Google Chrome 22 (PC)||●||●||●||●|
|Google Chrome 23 (Mac||●||●||●||●|
|Safari 5.x (PC)||●||●||●||●|
|Safari 6.x (Mac OSX 10.8)||●||●||●||●|
|Android 4.0 (ICS) or later:|
|Default Android browser*||●|
|iOS5 or later:|
|Win8 PRO (Intel based tablets):|
- Note: All desktop versions require Flash 10 or later to author content of Flash 9 or later to run the Flash version of courses.
- * Latest version of browser at the time of release of 6M is assumed; this varies from device to device. When taking into account that each device can have its own upgrade cycle, new versions are too frequent to fully test, but will normally be without issues.
- ** Under testing
- †† Chrome for iOS is currently not supported due to bugs in Chrome that prevent correct tracking of content to LMS.
|Microsoft Edge 12||●||●|
|Google Chrome 40||●*||●*|
|Android 4.1 or later:|
|Default Android browser||●††|
|Chrome 45 for Android||●*|
|iOS8 or later:|
|Win8 PRO / Windows 10 (Intel based tablets):|
|IE10 / 11 / Edge||●|
- † Not fully tested, but expected to work
- †† Tested on pure Android browser. Should work for MOST standard Android browsers, however there are wide variations.Note that browser-versions supplied/changed by phone-manufacturers may not be fully supported due to bugs/issues in the browsers, especially on older Android versions. Please refer to http://slides.com/html5test/the-android-browser#/ for an informal overview of the issues with testing for Android Browsers.
- ** Under testing