Continue without accepting
We use cookies necessary for the basic functionality of the website and cookies for marketing, analytics and site personalization purposes as outlined in our cookie policy. You can accept or decline non-functional cookies by clicking on the relevant buttons. If you refuse these cookies, certain functions may be less effective. You may withdraw your consent at any time. To find out more about how we uses your personal data, please consult our privacy policy.
PreferencesAccept

Security Measures

1. Data hosting and access

The servers used by the Service Provider are hosted on servers located in France.  Our subcontractor's services provide multiple levels of replication and security to ensure maximum availability and a strong guarantee of data protection.

This includes:

  • Redundant servers for API and Web interface
  • Encrypted database passwords
  • Operating systems used on servers regularly updated with the latest security updates
  • External service monitoring via dedicated tools
  • Data encryption with TLS for the public part of the Solution (accessible from the Internet)
  • Identity management provided by the cloud provider
  • Virtual private link between our instances and applications via network firewall
  • Storage encryption

Access to source code and personal data is restricted to the Service Provider's employees or partners who need it for the operation, development or monitoring of the Service Provider's services. These persons are contractually bound to respect the confidentiality of such data, and are subject to disciplinary action should confidentiality be breached.

All accounts are nominative with traceability of access and actions.

The Service Provider’s services are periodically updated with the latest security patches available.

2. Other organizational and technical measures implemented by the Service Provider

Organizational

  • Authorization management
  • Access logging
  • Subcontracting agreement
  • DPA
  • Management of security incidents and data breaches
  • Personnel management
  • Risk management
  • Maintenance  

Physical

  • Access control systems
  • Badge readers (NFC)
  • Means of identification
  • Surveillance by an individual
  • Video surveillance  

Techniques

  • SSO - LDAP authentication
  • Storage encryption
  • Data partitioning
  • Https
  • Strong password
  • Supervision

Sub-processors of the Service Provider as at the date hereof

 Sub-processors Type and Purpose of process Localization et contractual agreement 
Amazon Web Services EMEA 38 avenue John f. Kennedy, l1855 Luxembourg, Luxembourg Hosting and storage of the Solution and its database Luxembourg (sub-processor) France (servers)  Data Processing Agreement (DPA) 
Azure (Microsoft) South County Business Park Leopards town Dublin 18 D18 P521, Dublin, Ireland Hosting and storage of the Solution and its database Ireland (sub-processor) France (servers)  Data Processing Agreement (DPA) 
Atlassian (Jira) 341 George Street NSW 2000, Sydney, Australia Support (ticketing) Australia, Data Processing Agreement (DPA) and European Standard Contractual Clauses  
Mailgun  E Pecan St #1135  San Antonio, Texas 78205  USA E-mails notification management USA (sub-processor) France (servers)  Data Processing Agreement (DPA) and European Standard Contractual Clauses 
Notion Labs Inc. 2300 Harrison Street, Floor 2, San Francisco, CA 94110  USA Database USA (sub-processor)  Data Processing Agreement (DPA) and European Standard Contractual Clauses 
Zendesk   266 Place Ernest Granier  34500 Montpellier France Support (Customer) USA (servers) France (sub-processor)  Data Processing Agreement (DPA) and European Standard Contractual Clauses