Trust, written down.
Elido is hosted in the EU by default, GDPR-compliant, and built with audit trails baked in. Everything below is what we already do, not what we plan to do.
- Frankfurt · FRA · eu-central-1 · EU residency · default
Default for every workspace. Audit log, clicks, backups stay in-region. No DPF or Schrems II reliance.
- Ashburn · IAD · us-east-1 · Opt-in
Workspace creation only. Irreversible. For US-resident customers who want a US data path.
- Singapore · SIN · ap-southeast-1 · Business+ · opt-in
Workspace creation only. Irreversible. APAC residency for Business and Enterprise plans.
What “trust” means in product terms
What we mean by trust
Each pillar maps to something concrete you can grep for in the audit log, the DPA, or our public infra repo. No marketing ambiguity.
EU residency, by default
Postgres, ClickHouse, Redis, MinIO: all in Frankfurt. Business plans can choose Ashburn or Singapore. Free and Pro never leave the EU.
Audit trail on everything
Workspace settings, role changes, key rotations, link creations, deletions, exports. Every event has a who, a when and a what, and is exportable.
Read-only by default for AI
AI integrations receive scoped, rotating keys. Write/delete access is an explicit, audited workspace setting, not a default.
BYOK and customer-managed keys
Use your own KMS for encryption at rest on Business. Rotate keys without re-encrypting cold storage.
Anti-abuse pipeline
Every link passes through a composite scanner (URLhaus + Google Safe Browsing + heuristics) at creation and on a recurring rescan.
Sub-processor transparency
Full list, location and purpose. We notify additions; opt-out options are available for some.
Append-only audit log
Every state change is recorded.
Append-only is enforced at the database layer: the audit table grants only INSERT and SELECT to application roles, with no UPDATE or DELETE. Even our own admins can’t rewrite history without a migration that shows up in change control. Retention is 90 days on Pro and 7 years on Business — covering SOX, MiFID II, and HIPAA without an add-on.
- Actor identity: User ID or service principal, plus source IP and request ID
- Before/after diff: Structured JSON diff of the changed row, not just a text log line
- SIEM firehose: HMAC-signed webhook to Splunk / Datadog / ELK in real time
- Tamper-evident: Postgres GRANT enforcement; no UPDATE / DELETE for app roles
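The four properties above, worked through in code as an added example that is not Elido's own implementation: an audit record carrying actor identity, source IP and request ID, a structured before/after diff of the changed row, and an HMAC-SHA256 signature for the SIEM webhook with the matching receiver-side check. The secret, the `t=…,v1=…` header format, the field names and the sample domain row are assumptions constructed for the demo.

```python
"""Added example, not Elido's code: an audit event carrying actor identity and
a structured before/after diff, signed for the SIEM webhook with HMAC-SHA256
and verified by the receiver. The secret, header format and field names are
assumptions; the sample row is constructed for the demo."""
import hashlib
import hmac
import json

# Assumed shared secret between the audit service and the SIEM receiver.
WEBHOOK_SECRET = b"constructed-demo-secret-rotate-me"

# Constructed sample: a custom-domain row before and after DNS verification.
BEFORE = {"domain": "go.acme.eu", "status": "pending_dns", "tls_mode": "none",
          "workspace_id": "ws_8a2f"}
AFTER = {"domain": "go.acme.eu", "status": "verified", "tls_mode": "on_demand",
         "verified_at": "2026-05-08T11:42:18Z", "workspace_id": "ws_8a2f"}


def row_diff(before: dict, after: dict) -> dict:
    """Structured diff of one row: only changed, added or removed fields,
    each as {"old": ..., "new": ...} (None marks an absent field)."""
    return {k: {"old": before.get(k), "new": after.get(k)}
            for k in sorted(set(before) | set(after))
            if before.get(k) != after.get(k)}


def audit_event(actor: str, source_ip: str, request_id: str,
                table: str, before: dict, after: dict, at: str) -> dict:
    """One append-only audit record: who, when, what, plus the row diff."""
    return {"actor": actor, "source_ip": source_ip, "request_id": request_id,
            "table": table, "at": at, "diff": row_diff(before, after)}


def canonical(event: dict) -> bytes:
    """Canonical JSON so sender and receiver sign identical bytes."""
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode()


def _mac(body: bytes, ts: int, secret: bytes) -> str:
    # The timestamp is bound into the MAC so a captured webhook cannot be replayed later.
    return hmac.new(secret, f"{ts}.".encode() + body, hashlib.sha256).hexdigest()


def sign_webhook(body: bytes, ts: int, secret: bytes = WEBHOOK_SECRET) -> str:
    """Value for the signature header (assumed format: t=<unix>,v1=<hex>)."""
    return f"t={ts},v1={_mac(body, ts, secret)}"


def verify_webhook(body: bytes, header: str, now: int,
                   secret: bytes = WEBHOOK_SECRET, max_skew: int = 300) -> bool:
    """Receiver side: parse the header, reject stale timestamps, compare in
    constant time. Returns False on any malformed input instead of raising."""
    try:
        parts = dict(p.split("=", 1) for p in header.split(","))
        ts, provided = int(parts["t"]), parts["v1"]
    except (ValueError, KeyError):
        return False
    if abs(now - ts) > max_skew:
        return False
    return hmac.compare_digest(_mac(body, ts, secret), provided)


if __name__ == "__main__":
    ev = audit_event("u_1", "198.51.100.4", "req_c0ffee", "domains",
                     BEFORE, AFTER, AFTER["verified_at"])
    body = canonical(ev)
    header = sign_webhook(body, 1778240538)
    print(json.dumps(ev["diff"], indent=2))
    print("receiver accepts:", verify_webhook(body, header, now=1778240540))
```

The receiver recomputes the MAC over the exact bytes it received rather than over a re-serialised copy of the parsed JSON, and it rejects timestamps outside a short window, which is what turns "HMAC-signed" into a usable replay defence on the SIEM side.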
```diff
{
  "domain": "go.acme.eu",
- "status": "pending_dns",
+ "status": "verified",
- "tls_mode": "none",
+ "tls_mode": "on_demand",
+ "verified_at": "2026-05-08T11:42:18Z",
  "workspace_id": "ws_8a2f"
}
```
Data subject access requests
Subject rights via API.
You receive a subject request from your end user. You forward it via the dashboard or API as a controller-on-behalf-of-subject request — Elido authenticates the controller (you), not the subject. The bundle is a signed zip: identity record, links, audit-log entries where the subject is the actor, billing receipts if the subject is a workspace owner. Standard SLA is 30 days; Business expedited returns inside 5 business days.
- Step 1
Subject request
End user → controller (you): Subject contacts you. You authenticate them in your own product, not in Elido.
- Step 2
DSAR API call
POST /v1/dsar: Forward as a controller-on-behalf request with subject email + request type (export / erase).
- Step 3
Workspace bundle
signed zip · JSON + CSV: Identity, links, audit-log entries where subject is actor, billing if owner, anonymised click metadata.
- Step 4
SLA
30 days · 5 days expedited: Standard SLA on every plan; Business expedited tier returns inside 5 business days.
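The four steps above, carried through end to end as an added example (not Elido's code): validating the controller-on-behalf request body, computing the standard and expedited SLA deadlines, collecting exactly the categories the bundle is described as containing (identity, the subject's links, audit entries where the subject is the actor, billing only if they own the workspace, click metadata with identifying fields dropped), and packaging them as a zip with a manifest and a detached signature. The workspace snapshot, field names, the click anonymisation rule and the HMAC signing key are all constructed assumptions; a production bundle would carry an asymmetric signature the customer can verify with a published key.

```python
"""Added example, not Elido's code: accept a controller-on-behalf DSAR, compute
the SLA deadline, assemble the subject's bundle from a constructed workspace
snapshot, and attach a detached signature. Field names, the anonymisation rule
for clicks, the HMAC signing key and all sample data are assumptions."""
import csv
import hashlib
import hmac
import io
import json
import zipfile
from datetime import date, timedelta

REQUEST_TYPES = {"export", "erase"}
BUNDLE_KEY = b"constructed-bundle-signing-key"  # assumed; real bundles would be signed asymmetrically

# Constructed workspace snapshot (two users; u_1 owns the workspace).
WORKSPACE = {
    "id": "ws_8a2f", "owner_email": "owner@acme.example",
    "users": [{"id": "u_1", "email": "owner@acme.example", "role": "owner"},
              {"id": "u_2", "email": "dana@acme.example", "role": "editor"}],
    "links": [{"id": "l_1", "created_by": "u_2", "slug": "launch"},
              {"id": "l_2", "created_by": "u_1", "slug": "hr"}],
    "audit": [{"actor": "u_2", "at": "2026-05-01T09:00:00Z", "action": "link.create", "target": "l_1"},
              {"actor": "u_1", "at": "2026-05-02T10:00:00Z", "action": "role.change", "target": "u_2"}],
    "billing": [{"invoice": "inv_42", "amount_eur": 49}],
    "clicks": [{"link": "l_1", "at": "2026-05-03T12:00:00Z", "ip": "203.0.113.7",
                "ua": "Mozilla/5.0", "country": "DE"}],
}


def validate_request(req: dict) -> dict:
    """Body of POST /v1/dsar as filed by the controller. The controller is
    authenticated by its API key (outside this example); the subject never is."""
    if req.get("request_type") not in REQUEST_TYPES:
        raise ValueError("request_type must be 'export' or 'erase'")
    if "@" not in str(req.get("subject_email", "")):
        raise ValueError("subject_email is required")
    return req


def sla_deadline(filed_iso: str, expedited: bool) -> str:
    """30 calendar days standard; 5 business days (Mon-Fri, holidays ignored) expedited."""
    d = date.fromisoformat(filed_iso)
    if not expedited:
        return (d + timedelta(days=30)).isoformat()
    remaining = 5
    while remaining:
        d += timedelta(days=1)
        if d.weekday() < 5:
            remaining -= 1
    return d.isoformat()


def collect(workspace: dict, subject_email: str):
    """Gather bundle contents; None if the subject is not a user of this workspace."""
    user = next((u for u in workspace["users"] if u["email"] == subject_email), None)
    if user is None:
        return None
    links = [l for l in workspace["links"] if l["created_by"] == user["id"]]
    own = {l["id"] for l in links}
    return {
        "identity": user,
        "links": links,
        "audit": [e for e in workspace["audit"] if e["actor"] == user["id"]],
        "billing": workspace["billing"] if subject_email == workspace["owner_email"] else [],
        # Anonymised click metadata: drop IP and user agent, keep link, time, country.
        "clicks": [{"link": c["link"], "at": c["at"], "country": c["country"]}
                   for c in workspace["clicks"] if c["link"] in own],
    }


def build_bundle(contents: dict):
    """Return (zip_bytes, hex_signature): JSON records, CSV tables and a
    manifest of per-file SHA-256 hashes, then an HMAC over the whole archive."""
    buf, manifest = io.BytesIO(), {}
    files = {
        "identity.json": json.dumps(contents["identity"], indent=2),
        "audit.json": json.dumps(contents["audit"], indent=2),
        "billing.json": json.dumps(contents["billing"], indent=2),
        "links.csv": _csv(contents["links"], ["id", "created_by", "slug"]),
        "clicks.csv": _csv(contents["clicks"], ["link", "at", "country"]),
    }
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in files.items():
            manifest[name] = hashlib.sha256(text.encode()).hexdigest()
            zf.writestr(_entry(name), text)
        zf.writestr(_entry("manifest.json"), json.dumps(manifest, indent=2))
    data = buf.getvalue()
    return data, hmac.new(BUNDLE_KEY, data, hashlib.sha256).hexdigest()


def verify_bundle(data: bytes, signature: str) -> bool:
    expected = hmac.new(BUNDLE_KEY, data, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signature)


def _csv(rows, fields) -> str:
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=fields)
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()


def _entry(name: str) -> zipfile.ZipInfo:
    # Fixed timestamp keeps the archive byte-identical across rebuilds.
    return zipfile.ZipInfo(name, date_time=(2026, 5, 8, 0, 0, 0))


if __name__ == "__main__":
    req = validate_request({"subject_email": "dana@acme.example", "request_type": "export"})
    print("due by", sla_deadline("2026-05-08", expedited=True))
    data, sig = build_bundle(collect(WORKSPACE, req["subject_email"]))
    print(len(data), "bytes; signature valid:", verify_bundle(data, sig))
```

The filtering in `collect` is where the controller-on-behalf model bites: the bundle is keyed on the subject's user record inside your workspace, so a subject who is not a member of that workspace yields nothing, and billing records are only included when the subject is the workspace owner.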
Five sub-processors, listed publicly
Five vendors. Listed publicly.
The full list with vendor location, processing purpose, data categories, and DPA reference URL lives at /legal/subprocessors and is checked into the public docs repo, so changes appear in git history. Adding or replacing a sub-processor triggers a 30-day notice to every workspace admin via in-app banner and email before processing begins, so customers can object. monobank Plata replaced LiqPay under ADR-0026 in 2026-05.
- Hetzner · ISO 27001 · Compute, primary infra · EU: Frankfurt + Helsinki
- OVH · ISO 27001 · SOC 2 · Compute, Business region pins · EU + APAC POPs
- Postmark · SOC 2 Type II · Transactional email · EU (opt-out for EU-only)
- monobank Plata · PCI DSS L1 · Payments, replaced LiqPay (ADR-0026) · EU
- Cloudflare · ISO 27001 · SOC 2 · Marketing proxy + WAF (not redirect path) · Global
Compliance posture
Where we stand on the frameworks customers ask about.
No future-tense claims. Each row says what is shipped today, what’s in observation, and what’s available as an add-on under contract.
ISO 27001
Information security management system, certified scope covers the full Elido platform.
SOC 2 Type II
Observation period running through H2 2026. Type I report available under NDA today.
GDPR
EU residency by default, pre-signed DPA with standard SCCs, public sub-processor list.
HIPAA-ready
BAA on Business+ with encryption, audit logging, and access controls already wired.
EU residency
Postgres, ClickHouse, Redis, MinIO — all in Frankfurt. No reliance on Schrems II / DPF.
Encryption
AES-256 at rest, TLS 1.3 in transit, KMS-backed key rotation. BYOK on Business.
Compliance FAQ
The questions procurement keeps emailing us.
Do you sign a DPA?
Yes. Our standard DPA is pre-signed with EU SCCs and downloadable from /legal/dpa. No negotiation needed for default terms — paid plans get it counter-signed automatically. Custom redlines are available on Business and Enterprise.
How many sub-processors do you use?
Five: Hetzner (compute, EU), OVH (compute, EU + APAC for region pins), Postmark (transactional email, EU), monobank Plata (payments, EU — replaced LiqPay under ADR-0026), and Cloudflare (marketing proxy + WAF; never on the redirect path). The full list with location, purpose, and DPA reference is at /legal/subprocessors.
Is region pinning available on every plan?
EU residency is the default for every workspace, on every plan, and never changes. Opt-in pinning to us-east-1 (Ashburn) or ap-southeast-1 (Singapore) is workspace-only, irreversible at create time, and gated to Business and Enterprise plans.
What's the DSAR turnaround?
30 days standard SLA on every plan. Business and Enterprise get a 5-business-day expedited tier. DSARs are filed via API or dashboard (POST /v1/dsar): you authenticate the subject, we authenticate you as the controller, and the bundle ships as a signed zip with identity, links, audit-log entries, and billing records.
How do BAAs work for HIPAA?
BAA on Business+ only. The technical safeguards (encryption, audit logging, access control, secure backup) are the same as the default tier — the BAA is paperwork, not feature-gating. Email compliance@elido.app to start.
Is there a self-host option?
Yes. The redirect tier and click-ingester are open source under Apache 2.0 with a Helm chart for Kubernetes. Customers run the redirect tier in their own VPC and point the dashboard at our control plane, or run the entire stack on-prem. The repo is the same code we run.
How do you notify customers about sub-processor changes?
Adding or replacing a sub-processor triggers a 30-day notice via in-app banner and email to every workspace admin. Customers can object before processing begins. The list at /legal/subprocessors is checked into a public git repo so changes appear in version-control history.
Where do you publish incidents and uptime?
Live status, recent incidents, and full post-mortems at /status. Incidents that affect security are also posted to security@elido.app subscribers and to the Trust Center page within the SLA window defined in the DPA.
Where to look next
Every claim above has a public doc. If you’re evaluating us for a procurement decision, start here.
Who we share data with, where they are located, and why.
Sign before processing EU personal data.
What we collect, what we don't collect, retention windows.
Architecture, encryption, secrets management, threat model.
Live uptime, recent incidents, post-mortems.
Contact
A security question?
security@elido.app for vulnerability reports (PGP available). compliance@elido.app for SOC 2 / ISO / DPA. We reply within one working day.
Security
Vulnerability reports, security.txt, PGP key. We respond within one working day.
security@elido.app
Compliance
SOC 2 / ISO requests, DPA counter-signing, sub-processor notices, BAA process for HIPAA.
compliance@elido.app
Ready when procurement is.
Pre-signed DPA, public sub-processor list, audit log on every plan. Start free or talk to sales for the security questionnaire shortcut.