What makes us different is what we don’t do.

Endoxia runs entirely on European soil, in its own secured environment for each office, and never trains on your data.

Not available to others

Your questions, documents and answers are only accessible within your own environment. Other customers cannot access them.

Not outside Europe

No byte leaves the EU. No backups in China or the United States. The infrastructure is entirely within the EU.

Not used for training

Your data is never used to improve or train AI models. Not by us, not by our infrastructure partners.

One location. One jurisdiction.

Endoxia runs in Paris on Scaleway’s infrastructure — a French company, part of Iliad, under exclusively European jurisdiction.

Paris, France

Paris

Out of U.S. range.

Since 2018, American law enforcement agencies have been able to submit data requests under the US CLOUD Act to any company under US jurisdiction. A server in Frankfurt or Amsterdam offers no escape: if the parent entity is American, the law applies.

Endoxia runs on Scaleway — part of Iliad, a French company with exclusively European ownership. Endoxia itself is a European legal entity. There is no American link in the chain for a CLOUD Act request to target.

The difference is not theoretical. For lawyers under attorney-client privilege, in-house counsel with sensitive company information, or compliance officers with GDPR obligations, this is the most important difference.

Certifications and supervision.

Scaleway

Our infrastructure runs on Scaleway, a French cloud company that is part of the Iliad group. Scaleway follows a sovereignty principle: all data centers are located in Europe and the software stack is developed in-house, without dependence on American suppliers. For Endoxia, this means that both the physical layer (servers, network) and the operational layer (management, monitoring) fall entirely within European jurisdiction.

ISO 27001

The infrastructure on which Endoxia runs is ISO 27001 certified. That is the international standard for information security management: a structured system for risk management, access control, encryption, and continuous improvement. Audits are conducted annually by independent certification bodies. Endoxia is working toward its own ISO 27001 certification path as an independent application layer on top of this certified infrastructure.

SecNumCloud

Scaleway is officially in the SecNumCloud qualification process. SecNumCloud is the strictest cloud certification issued by ANSSI, the French state cybersecurity agency. The standard imposes requirements that go beyond ISO 27001, with specific requirements around sovereignty, data localization, and protection against extraterritorial legislation — including the US CLOUD Act. The French state itself uses SecNumCloud as a minimum requirement for the most sensitive government data.