Affix provides access to multiple payroll and HR systems via a single unified developer API, allowing customers to get access to this data in a seamless and secure way, and integrate with multiple providers with just one integration.

Affix is an OAuth 2.1 application that allows developers to access certain data collected from HR/Payroll systems, without developers needing to manage integrations or collect login credentials from users for these third party systems. Affix uses both official and unofficial APIs from the providers themselves to collect data from certain third parties while that data is en-route to be displayed on web pages.

No. We view data as a liability. We store as little data as possible, and only enough to satisfy the developer’s API requests with as little latency as possible. We have no interest in the content of the data.

Yes. Affix doesn’t store any payroll or HR data. Usernames and passwords are encrypted via an AWS KMS symmetric key with key rotation enabled, and stored (ciphertext only) in an AWS DynamoDB table (encrypted at rest). Affix’s database, AWS DynamoDB, is secured via AWS IAM, and internal systems are provided access via the principle of least privilege. Our encryption key, a Customer Managed Key behind AWS KMS, is secured via AWS IAM, and internal systems are provided access again via the principle of least privilege. Traffic between you or customers and the Affix API is encrypted in-transit with TLS.

When compared with current alternatives to transfer this data, such as via CSV, it’s clear that Affix is the most secure solution out there. You can read more about Affix’s security at https://affixapi.com/security.

Affix uses a consent page that informs customers about the purpose of data processing and the type of data collected. Customers must explicitly give their consent, ensuring no GDPR breaches occur.