HiBob

VéRIFIé

RH & personnel · United Kingdom

Founded 2015 · hibob.com ↗

Israeli-founded modern HRIS for mid-market (Tel Aviv + London); 5,000+ customers, heavy US VC, mostly listed for completeness.

Pourquoi ce score ?

HiBob is Israeli-headquartered (Tel Aviv) with London as a major secondary office and offices in NYC, Amsterdam, Berlin, Lisbon, Sydney, Zagreb — country_iso set to GB reflects EU-buyer-facing brand but ownership_signal is eu_hq_us_funded due to Israeli HQ + heavy US VC funding (General Atlantic, Bain Capital Ventures, Insight Partners, Battery Ventures); CLOUD Act exposure material; score 2/5 reflects that this is the weakest 'EU' HR pick in the catalogue from a sovereignty perspective.

SCORE: 2.0/5
CLOUD ACT
OWNERSHIP
SUB-PROCS: — not disclosed

JUMP TO

OVERVIEW

About HiBob

**HiBob** (the "bob" platform) was founded in **Tel Aviv** in 2015 and operates a significant London office, with additional presence in New York, Amsterdam, Berlin, Lisbon, Sydney, and Zagreb. Targets mid-market (50-2,000 employees) with a modern HRIS UX. Compliance: **ISO 27001 + SOC 2** certified. But the sovereignty / procurement story is weak: **Israeli HQ + heavy US VC funding** (General Atlantic, Bain Capital Ventures, Insight Partners, Battery Ventures) means HiBob is the least "European" entry in this HR set. Listed for completeness and to flag the misperception that "London office" implies "European company" — for compliance-driven EU procurement HiBob fits the alternative-to-BambooHR slot but with material caveats.

SUB-PROCESSORS

Carte des sous-traitants · not disclosed

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.

CERTIFICATIONS

Référentiels & certifications

ISO/IEC 27001

ACTIVE

SOC 2

ACTIVE

Informational · US framework

FEATURES

Matrice de fonctionnalités

INTEGRATION & ACCESS

REST API

SSO (SAML / OIDC)

COMPLIANCE & GOVERNANCE

Audit log

Self-host / on-prem option

PRICING

Tarifs & paliers

PAYANT

Tarifs sur mesure

Contactez l’éditeur pour les tarifs par palier ou volume.

Voir la page tarifs ↗

PUBLIC DOCUMENTS

Documents publics

Vendor does not publish a public DPA. Without a publicly accessible Data Processing Addendum, small EU customers cannot self-serve the processor agreement — this caps the compliance score (see How we score).

Vendor does not publish a sub-processors list. Schrems II compliance and CLOUD Act exposure cannot be independently verified without it.

Data Processing Addendum (DPA)

— missing

missing
Sub-processors list

— missing

missing

ALTERNATIVES

Alternatives dans cette catégorie

Lucca

France

French sovereign-cloud HR platform (Nantes / Paris, est. 2002); SecNumCloud + ISO 27001; 1M+ users incl. AXA, Deezer.

Sage HR

United Kingdom

Sage Group plc's HR cloud product (formerly CakeHR from Riga, acquired 2019); UK-public parent, modular SMB HR.

Factorial

Spain

Spanish HR + payroll + finance SaaS (Barcelona, est. 2016); 16K+ customers, ISO 27001 + SOC 2 + AWS EU, US-VC-funded.

See all rh & personnel alternatives →