Security and compliance are not boxes to tick on an RFP. They are the foundations of our platform. This page details how your data is hosted, encrypted, isolated and remains accessible to you.
Vantarian is hosted exclusively on OVH infrastructure. No client data is stored or transferred outside the European Union.
The OVH infrastructure used is certified HDS (Healthcare Data Hosting) and PCI-DSS. These certifications cover the host infrastructure and form the compliance foundation we rely on.
All communications between your users and the platform are encrypted with TLS 1.3, with systematic HTTPS redirection. Certificates are renewed automatically.
At rest, data stored in the database is encrypted, with keys managed via the OVH KMS. Files uploaded to the platform are also stored on encrypted volumes.
Backups are encrypted with keys separate from those used in production and replicated across multiple French data centers.
Each client organization has its own dedicated database, its own application environment, its own files isolated on disk. No data is shared between clients.
This strongly isolated multi-tenant architecture guarantees that any failure or malformed query on one environment cannot, under any circumstances, expose another client's data.
Vantarian acts as a data processor within the meaning of Article 28 of the GDPR. We systematically sign a compliant data processing agreement with each of our clients.
Vantarian supports single sign-on via your corporate directory. Your users log in with their usual credentials, without creating a new account.
At any time, you can request a complete extraction of your data in standard format. We provide a structured export covering:
Whether you're preparing an RFP, a technical specification or a security questionnaire to fill out, we respond precisely within the deadlines you give us. Write to us describing your need.
Contact us