Frequently Asked Question

Please reach out for any additional questions

General

General question and answers about service

The answer is most likely, yes. One thing you can do is to ensure there are questions on employee recognition in your organization’s employee surveys. The results can be used to prove the need for greater employee recognition.

Surveys conducted by Sirota Consulting revealed that only 51% of workers were satisfied with the recognition they received after a job well done. This figure is as conclusive as you could get – it resulted from interviewing 2.5 million employees in 237 private, public and not-for-profit organizations in 89 countries around the world over 10 years.

This is by no means a comprehensive or complete list but these are just a few:

  • Increased individual productivity – the act of recognizing desired behavior increases the repetition of the desired behavior, and therefore productivity. This is classic behavioral psychology. The reinforced behavior supports the organization’s mission and key performance indicators.
  • Greater employee satisfaction and enjoyment of work – more time spent focusing on the job and less time complaining.
  • Direct performance feedback for individuals and teams is provided.
  • Higher loyalty and satisfaction scores from customers.
  • Teamwork between employees is enhanced.
  • Retention of quality employees increases – lower employee turnover.
  • Better safety records and fewer accidents on the job.
  • Lower negative effects such as absenteeism and stress.
  • This is a tougher one to answer. We'd rather approach this question from a different angle.

    Even if you aren’t a manager, you can be alert for opportunities to recognize others and take the initiative to do something. You can nudge your manager to do more of it and to encourage it in other departments.

    The best formula for recognizing an individual for their efforts is:

  • Thank the person by name.
  • Specifically state what they did that is being recognized. It is vital to be specific because it identifies and reinforces the desired behavior.
  • Explain how the behavior made you feel (assuming you felt some pride or respect for their accomplishment!).
  • Point out the value added to the team or organization by the behavior. Thank the person again by name for their contribution.
  • Pricing

    Question and answers about pricing

    We do this to make the set-up process as seamless as possible. It's much easier to get the hard stuff out of the way in advance rather than gathering it in bits and pieces along the way (according to customers). Don't worry, we'll never charge you for anything unless you've turned on a premium feature or exceeded the free number of seats, which is 10 team members. The nice part is that should you ever want to engage with a premium feature or add an 11th member, your account is already ready to go.

    It's free for 1-10 team members.

    It's $3/mo/seat for teams greater than 10 and not exceeding 100.

    For enterprise clients, it's typically handled through some negotiation and depends on the features you would like to activate.

    Yes. Gift cards are covered by the employer or team lead/owner. Gift cards have a 1:1 dollar value. It's up to you to set a budget of carrots which can be handled in the Admin section.

    We recommend exchange rates of 10:1, 20:1, and up to 100:1 with a monthly budget range of $5 to $20. Every company does it differently. Some companies exclusively use Culture Rewards (custom rewards) only which can be set up in admin as well here, Culture Rewards.

    Account

    Question and answers about accounts

    Yes. We have an activity dash in our admin section here, Activity Report. In the activity report, you can filter by send name, receiver name, carrots given, and post status.

    What are the status types and what do they mean?

  • Normal: This is an ordinary post that is still active and available to discover in the feed.
  • Possibly Unusual: This is a post that we've deem "unusual" for reasons such as point sharing, dumping points, and other abusive use cases.
  • Deleted: This is a post that has been removed from the feed and is no longer discoverable by non-admins.
  • We have an invite section in admin here, Invite Table. To invite to members, you have three options:

  • Individual invite by clicking the single person icon with a "+" sign in the top right and filling out all the important information for that invite.
  • Group invite by clicking the multi person icon with a "+" sign in the top right and filling out our csv sheet with the important information for those invites and uploading it to the same area.
  • Open invite by clicking the link icon in the top right and sharing it with others in your communication tools, like Slack. Team members can freely join that way. To limit your exposure, do make sure to whitelist sign up for your domain only which can be done at the bottom of this page here, Company Settings.
  • Security

    Protecting customer data is a top priority at CarrotHR. We understand you are trusting us with your data and we take the responsibility of securing it extremely seriously.

    Infrastructure

    System Architecture: CarrotHR's architecture is designed to be secure and reliable. We use an n-tier architecture with firewalls between each tier and additionally within certain tiers between services. Services are accessible only by other services that require access. Access keys are rotated regularly and stored separately from our code and data.

    Failout and Disaster Recovery: CarrotHR is built with fault tolerance capability. Each of our services is fully redundant with replication and failover. Services are distributed across multiple AWS availability zones. These zones are hosted in physically separate data centers, protecting services against single data center failures.

    Data Centers: Our application is hosted and managed within Amazon Web Services (AWS) secure data centers. These data centers have been accredited under:


    ISO 27001
    SOC 1 and SOC 2/SSAE 16/ISAE
    3402 (Previously SAS 70 - Type II)
    PCI Level 1
    FISMA Moderate
    Sarbanes-Oxley (SOX)

    We make extensive use of the capabilities and services provided by AWS to increase privacy and control network access throughout our system. Documents that provide more details about AWS security are available at AWS Whitepapers.

    Vulnerability Scans & Pentesting: CarrotHR uses security tools to continuously scan for vulnerabilities. Additionally, vulnerabilities in third-party libraries and tools are monitored and software is patched or updated promptly when new issues are reported.

    The system regularly undergoes third-party security reviews and penetration testing to identify potential vulnerabilities and ensure that they are addressed.

    Firewall: Our servers are protected by firewalls and not directly exposed to the Internet.

    Data Data Storage: CarrotHR data stores are accessible only by servers that require access. Access keys are stored separately from our source code repository and only available to the systems that require them. Additionally, production environments are sandboxed from testing environments.

    Backups: We maintain secure encrypted backups of important data for one year. We do not retroactively remove deleted data from backups as we may need to restore it, if removed accidentally. Backup data is fully expunged after one year.

    Logs: We aggregate logs to secure encrypted storage. All sensitive information (including passwords, API keys, and security questions) is filtered from our server logs. Log data is fully expunged after one year.

    Authentication & Passwords

    We never store passwords in a form that can be retrieved. Instead, we store an irreversible cryptographic hash using a function specifically designed for this purpose. Authentication sessions are invalidated when users change key information and sessions automatically expire after a period of inactivity.

    Monitoring: We monitor and rate limit authentication attempts on all accounts. Our system automatically blacklists any IP addresses responsible for suspicious authentication activity.

    User roles: We provide multiple user roles with different permissions levels within the product. Roles vary from account admins to users.

    Encryption

    HTTPS: All CarrotHR web traffic is served over HTTPS. We force HTTPS for all web resources, including our REST API, web app and public website. We also use HSTS to ensure that browsers communicate with our services using HTTPS exclusively. Additionally, we use only strong cipher suites.

    Encryption: Our primary databases, including backups are fully encrypted at rest. In addition, all archives and logs are fully encrypted at rest. We use industry standard encryption algorithms.

    Policies

    CarrotHR has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with employees.

    Incident Response: CarrotHR has a defined protocol for responding to security events.

    Security Training: All employees complete security training when they join and are continually refreshed.

    Confidentiality

    All employees have signed confidentiality agreements with CarrotHR.

    PCI compliance

    All credit card payments paid to CarrotHR go through our payment processing partner, Stripe. Details about their security posture and PCI compliance can be found at Stripe’s Security page.

    Disclosure

    If you have any concerns or discover a security issue, please email us at support@carrothr.com and we will quickly investigate. We request that you do not publicly disclose any issue you discovered until after we have addressed it.

    Integrations

    Question and answers about 3rd party integrations

    Go to Admin > Settings > Integrations or just go straight here, Integrations.

    Once you're on the integrations page, proceed by clicking "Add to Slack" button to begin connecting to your companies workspace.

    Follow the next step and feel free to adjust the channel name from #givecarrots, but we recommend keeping it for clarity and slack sanity. Finish the setup by clicking "Finish Installation" and accepting our permissions.

    We in no way abuse our Slack privileges and never use it to read your content on Slack.

  • ADP
  • BambooHR
  • Namely
  • Workday
  • Gusto
  • Paychex
  • If you have any requests for integrations, please do not hesitate to reach out to our customer support through intercom in the lower right on CarrotHR.com or email us at support@carrothr.com.