Our subcontractors and technology partners

Full transparency on our partner ecosystem and the security guarantees in place

GDPR Compliance

All our subcontractors have signed subcontracting agreements compliant with the GDPR (Article 28) and comply with our security and confidentiality requirements.

As part of our commitment to transparency and GDPR compliance, we list below all our subcontractors who may have access to your personal data or participate in its processing.

This list is updated regularly. In case of changes, we will notify you according to the terms set out in our service contract.

List of our subcontractors

Scaleway

Cloud Hosting

France/EU Hosting

Services provided

Hosting of application infrastructure, databases, AI services, and data backup.

Data location

Data centers in France (Paris, Lille)

Certifications

ISO 27001, HDS (Hébergeur de Données de Santé), ANSSI

Purpose

Secure hosting of the platform and client data

OpenAI (ChatGPT)

Artificial intelligence

United States AI

Services provided

AI content generation for continuity plans, crisis scenarios, and improvement suggestions.

Data location

United States - Transfer governed by Standard Contractual Clauses

Specific guarantees

Business API Mode - no training on your data, retention limited to 30 days

Purpose

Assistance with drafting and optimizing resilience plans

Sentry

Monitoring and Error Analysis

United States Monitoring

Services provided

Application error monitoring, performance analysis, and security alerts.

Data processed

Technical error logs, performance data (no business data)

Certifications

SOC 2 Type II, ISO 27001

Purpose

Maintaining service quality and proactive incident detection

Google Analytics

Audience Analytics

United States Analytics

Services provided

Web traffic analysis, audience measurement, and user experience optimization.

Data processed

Anonymized browsing data, usage statistics (with your consent)

GDPR Configuration

Privacy-friendly mode, IP anonymization, no transfer to Google Ads

Purpose

Improving website usability and performance

Additional information

Security Measures

  • End-to-end encryption of data in transit
  • AES-256 encryption of data at rest
  • Regular security audits
  • Strict access controls and audit logs

International Transfers

For subcontractors located outside the EU, we have implemented Standard Contractual Clauses (SCC) approved by the European Commission and carried out Data Protection Impact Assessments (DPIA).

Your Rights

  • Right to access your data
  • Right to rectification
  • Right to erasure
  • Right to data portability

Contact

For any questions about our subcontractors or your personal data:
Email : h.lajoie@resilis.com
Data Protection Officer

Last updated

23 June 2026

This list is updated whenever a new subcontractor is added or an existing subcontractor is modified. We commit to notifying you of any significant changes.

Questions about our security practices?

Our team is available to answer all your questions about security and compliance.

Contact Us
Terms and Conditions Legal Notice Cookies Manage your cookies Security Trust Center Privacy