Back
🇫🇷 🇬🇧

Trust Center HEELONYS

Trust Center & GDPR - HeelonVault

Trust framework for HeelonVault for DPO, CISO, and compliance leadership: architecture, security, and documentary evidence.

Visual summary - 4 key points

On-premise by default

Your data never leaves your infrastructure.

Zero-knowledge architecture

HEELONYS has no access to any customer secret, even during support.

AES-256-GCM + Argon2id encryption

Robust industry standards to protect sensitive data.

GDPR compliance Art. 25 & 32

Privacy by Design and Security by Default integrated into the product.

Trust argumentation

On-premise by default

HeelonVault is designed for exclusively local deployment in your information system. You keep full control over hosting, network access, and internal security policies. No cloud dependency is required to operate the solution.

End-to-end zero-knowledge

The zero-knowledge architecture guarantees that HEELONYS cannot read, extract, or reconstruct your secrets. Sensitive data never transits through HEELONYS servers, including during support interventions.

Strong encryption and derivation

Data is protected with AES-256-GCM for confidentiality and integrity. Hashing mechanisms rely on Argon2id to resist brute-force attacks and weak derivation attempts.

GDPR by design

HeelonVault natively applies principles of minimization, segmentation, and processing security. The design explicitly covers expectations of GDPR Art. 25 and Art. 32.

  • Sovereign audience measurement: use of Plausible Analytics for cookie-free statistical tracking that respects privacy.

DPO pack - Downloadable documents

Data Processing Agreement (DPA)

Contractual framework for personal data processing between HEELONYS and professional customers.

Download DPA

GDPR record sheet

Template for processing activity records used in operational GDPR governance.

Download record sheet

Information notice (template)

Ready-to-use support to inform data subjects according to GDPR obligations.

Download information notice

Best practices guide

Deployment and operations recommendations for security, infrastructure, and compliance teams.

Download guide

Impact analysis - CIO/CISO guide

Are you evaluating HeelonVault deployment in your infrastructure? Review our full impact analysis: security, sovereignty, GDPR/ISO 27001 compliance, deployment plan, and solution comparison.

Read CIO impact analysis

Technical specifications & compliance

  • Encryption: AES-256-GCM
  • Hashing: Argon2id
  • Deployment: On-premise only, no cloud dependency
  • Auditable source code: Apache 2.0 - see GitHub repository
  • Data processed: only metadata necessary for license management
  • GDPR references: Art. 25 (Privacy by Design) and Art. 32 (Security of processing)

DPO contact

For any request related to personal data protection, contact our data protection delegate.

Email: dpo@heelonys.fr

Read our full privacy policy

Last updated: 9 April 2026