Compliance and certification

Conformité et certifications

Compliance and certification

Customer trust is our top priority. Our pragmatic and efficient security is built on the technical expertise and professionalism of our teams, allowing our users to understand our approach while maintaining control.

The policies implemented must be transparent and produce measurable results. They must also adapt to changing threats and be similar between providers. To achieve this, we certify our solutions to the very highest security standards.

ISO27001
ISO 27001

ISO/IEC 27001:2013 Certification and ISMS relating to Information security management systems for cloud services

ISO27017
ISO 27017

ISO/IEC 27017:2015 certification relating to information security controls for cloud services

ISO27018
ISO 27018

ISO/IEC 27018:2014 Code of practice for protection of personally identifiable information for cloud services

ISO27701
ISO 27701

ISO/IEC 27701:2019 Certification and PIMS relating to personal data processing security management

RGPD
GDPR

Compliance with Regulation (EU) 2016/679, known as the General Data Protection Regulation (GDPR)

SOC
SOC 1

AICPA certification SSAE 16/ISAE 3402 Type 2 for control over financial reporting

SOC
SOC 2

AICPA certificate SSAE 16/ISAE 3402 Type 2 for control over security, availability and confidentiality

SOC
SOC 3

AICPA Public Report on the SSAE 16/ISAE 3402 Type 2 Controls

CSA
CSA STAR

Cloud Security Alliance (CSA) Level 1: Best Practices Self Assessment

Cispe
CISPE

Founding member of Cloud Infrastructure Services Providers in Europe (CISPE) and signatory of its code of conduct

ANSSI
SecNumCloud ANSSI Security Visa

ANSSI Security Visa for SecNumCloud framework compliance for cloud services

Find out more
G-Cloud
G-Cloud UK

G-Cloud Digital Marketplace for Public Sector Cloud Service Procurement in the UK

Health data in EU
Healthcare data in Europe

Compliance for hosting healthcare data from French, British, Italian, German and Polish citizens

HDS
HDS

Certification by the French Digital Health Agency (ANS) for hosting healthcare data

Find out more
Conformité HIPAA et HITECH pour l'hébergement de données de santé aux États-Unis
HIPAA & HITECH

Compliance with the United States Health Insurance Portability and Accountability Act in our US datacentres.

Find out more
PCI-DSS
PCI DSS

Lever 1 Payment Card Industry Data Security Standard certification relating to payment data hosting

Find out more
EBA European Banking Authority
EBA

Compliance with the European Banking Authority (EBA) Outsourcing Guidelines for Financial Service Operators in Europe

PSEE
ACPR PSEE

Compliance for the provision of outsourced essential services from the French Prudential Supervision and Resolution Authority

Need support or information?

You can request a free callback from an OVHcloud advisor

Contact us

Our solutions for regulated industries

HDS_Photo-header | OVHcloud
Solutions for the healthcare sector
Find out more
services financiers
Financial Data Hosting for PCI DSS Certification
Find out more
Solutions pour les données sensibles industrielles OVHcloud
Solutions for industrial sensitive data
Find out more

Additional services

Certifications and reports

Our customers can access our certification and report documents upon request. They may also request documents relating to our certifications subject to certain conditions.

On-site audits

We only authorise audits carried out by third parties for the purpose of certifying all relevant parties. Contact our sales department to access this type of service