Ethicaline TPRM handles sensitive third-party data. Data protection isn't a feature we bolted on — it's how the platform was built. Here is our approach.
The platform's technologies and components are chosen, by design, to be hosted within the European Union — in France and Germany. Your data resides in the EU.
Privacy is an architectural decision, not a policy afterthought. We collect only the data needed to run assessments, and keep personal data minimal and purposeful.
The platform is built to align with GDPR from the ground up — EU data residency, data minimization, and controlled access as founding principles.
Access to the platform is authenticated, with role-based permissions that ensure users see only the data appropriate to their role.
Ethicaline TPRM is deployed on infrastructure hosted within the European Union — in France and Germany — selected specifically for European data-protection expectations.
The underlying infrastructure providers maintain recognized, independently-audited security and privacy certifications, and data processing agreements aligned with GDPR are in place across the technologies used:
These certifications are maintained by the infrastructure providers on which the platform is built, and are independently audited. Sources: Cloudflare Trust Hub, Supabase Security, Fly.io Compliance. Certification scope is that of each provider; Ethicaline inherits these controls through its use of their EU-region services.
We keep this page deliberately high-level. The full detail of our architecture, hosting locations, sub-processors, certifications and data-processing terms is available in our GDPR documentation on request — contact us for the complete pack.
When you assess third parties, you handle names, affiliations and sometimes sensitive findings. A due-diligence tool should reduce your risk exposure, not add to it. By building on EU-hosted, independently-certified infrastructure with privacy designed in, Ethicaline TPRM keeps your third-party programme aligned with European data-protection expectations.
This site uses privacy-first, cookieless analytics and sets no tracking or marketing cookies. Privacy & Cookies