Skip to main content
Certified GDPR · PDP DGFiP · TLS 1.3 · Cloudflare WAF
Security & Compliance

Infrastructure built for
compliance and protection.

Native GDPR, sovereign EU hosting, Cloudflare WAF, two-factor authentication and DGFiP-certified PDP — every layer of BillGuård is designed to protect your operations and your resellers.

99.99% SLA LARGE plan
TLS 1.3 Transit encryption
AES-256 Data at rest
PDP DGFiP certified 2026
GDPR Compliant
Cloudflare Tier IV
2FA Security
PDP DGFiP Ready
EU Hosting
Multi-layer protection

Security at every level

GDPR native, real-time anti-fraud, end-to-end encryption — from the network layer to application isolation, every level is audited and documented.

GDPR

GDPR Compliant

Data hosted in the EU

Data hosted on sovereign EU infrastructure, native GDPR compliance. EU data residency guaranteed contractually. Right to erasure and data portability respected.

e-Invoicing

DGFiP-certified PDP

DGFiP-certified PDP · PA/DGFiP

A PA/DGFiP-certified Plateforme de Dématérialisation Partenaire integrated into BillGuård. Factur-X, EN 16931, Peppol ready. 10-year legal archiving included.

Anti-fraud

Real-time detection

Consumption anomaly detection

Machine learning algorithms analyzing each transaction in real time. Dynamic risk scoring, billing anomaly detection and automated alerts to prevent identity theft and payment fraud.

Auth

JWT RS256 · 2FA TOTP

Cloudflare WAF · DDoS

Mandatory two-factor authentication on all portals. Server-signed JWT RS256, 2FA TOTP for N1/N2 admin levels. Cloudflare protection against DDoS and SQL injection attacks.

Sovereignty

EU Hosting

Sovereign European cloud infrastructure

Exclusively sovereign European cloud infrastructure, no data transfer outside the European Union. Your resellers and their end clients are protected contractually.

Encryption

TLS 1.3 · AES-256

HSM — isolated keys

TLS 1.3 encryption in transit, AES-256 at rest. Encryption keys managed by an isolated HSM (Hardware Security Module). No plaintext data at any level.

Traceability

Audit Logs

Immutable timestamped logs

Full traceability of every action on the platform. Immutable timestamped logs, exportable on demand. Every operation is recorded with full user context and IP.

Multi-tenant

Data Isolation

Row-level security DB

Each reseller's data is fully isolated — row-level security at database level. No cross-tenant data leak possible. Isolation tested, audited and guaranteed contractually.

Regulatory compliance

Built for the legal obligations
of 2026.

The 2026 e-Invoicing reform is mandatory for all French B2B operators. BillGuård natively integrates a PA/DGFiP-certified PDP — no third-party integration required. Hosting exclusively on sovereign European cloud infrastructure.

  • Official PA/DGFiP certification — DGFiP-listed PDP platform
  • Factur-X · EN 16931 · Peppol — all formats supported
  • 10-year legal archiving — included in all plans
  • ISO 27001 — certification roadmap Q4 2026
Certifications & standards
GDPR European regulation
CNIL National compliance
PDP DGFiP Certified 2026
EN 16931 e-Invoicing standard
ISO 27001 Roadmap Q4 2026
Sovereign EU hosting
Sovereign European cloud infrastructure · No non-European providers · Data never leaves EU
FAQ

Security questions

How is data encrypted? +
Data in transit is encrypted with TLS 1.3. Data at rest uses AES-256 encryption at infrastructure level. Encryption keys are managed by our sovereign EU cloud provider.
Where is data hosted? +
Exclusively on sovereign European infrastructure within the EU. No data transfers outside the European Union. Data residency is guaranteed contractually.
How does DGFiP compliance work? +
BillGuård integrates a PA/DGFiP-certified Plateforme de Dématérialisation Partenaire (PDP). Factur-X + EN 16931 compliance is handled automatically for you and all your resellers.
Who has access to my resellers' data? +
Each reseller operates in an isolated environment (row-level security at database level). The BillGuård team only accesses data required for operations — never end-client data.
What is the uptime SLA? +
SLA varies by plan: 99.5% (START) · 99.9% (PRO/SCALE) · 99.99% (LARGE). Continuous 24/7 monitoring, proactive alerts, dedicated ops team.
Are security audits conducted? +
Periodic audits are conducted on infrastructure and code. Results are available on request for SCALE and LARGE plan clients under NDA.
Ready to start?

Ready to bill differently?

Billing · Payments · e-Invoicing in one platform. No per-CDR cost. Zero hidden fees. Ever.

Request a demo Investor space