• About us
  • Newsroom
  • Careers
  • Become a partner
  • Search
Compute
High-performance, scalable computing resources for your critical workloads. Orchestrate your cloud-native applications with our modern container solutions.
Discover the Calcul offer
Virtual machines
VM Instances
An on-demand, flexible and secure virtual machine solution on a shared infrastructure.
Dedicated servers
OpenSource IaaS
Open source virtualised infrastructure in a trusted SecNumCloud-qualified cloud environment for complete technological sovereignty.
VMWare IaaS
Your VMware virtual machines in a trusted SecNumCloud-qualified and HDS-certified cloud environment.
Bare Metal
Dedicated, fully customisable servers for total autonomy over your sovereign infrastructure.
Containers
Openshift PaaS
The unified platform for creating, modernising and deploying your large-scale applications in a sovereign cloud.
Managed Kubernetes
Managed container orchestration solution offering security, resilience and advanced automation on sovereign infrastructure.
Storage
Adaptable, high-performance storage solutions for all your needs. Optimise your data with our highly available block and object solutions.
Discover our Storage offer
Storage
Block storage
The adaptable block storage solution for optimum storage performance in a sovereign cloud.
Object storage
The scalable, cost-effective storage solution for your unstructured data in a sovereign cloud.
Backup
Backup solutions
Differentiated backup solutions tailored to your challenges and environments
Network
Advanced network solutions to connect and secure your infrastructures. Deploy your private networks automatically and securely.
Discover the Network offer
Network
Virtual Private Cloud
Deploy and manage your private networks 100% automatically and securely.
Private Backbone
Take full control of your network with extended Layer 2 connectivity, designed for hybrid architectures and bespoke configurations.
Firewall
Managed Firewall
Advanced security solutions for complete insulation and enhanced protection
Accommodation Dry
Housing - Dedicated space
Secure hosting for your equipment in a dedicated or shared environment, depending on your needs.
Security
Advanced security solutions to protect your critical infrastructures. Control access and defend against online threats.
Discover the Security offer
Security
Anti DDoS
The shield against online attacks
Bastion host
Transparent, centralised access control for robust protection of your infrastructure
Managed KMS
Sovereign cryptographic key management, with HSM hardware root of trust, to protect your most sensitive data on SecNumCloud infrastructure.
Managed SIEM
A centralised platform for collecting and correlating security logs, combining AI-based automation and advanced detection rules (MITRE ATT&CK).
IA
Artificial intelligence solutions to transform your data into insights and accelerate your business processes.
Discover the IA offer
IA
LLMaaS
Access cutting-edge language models on a sovereign, SecNumCloud-qualified and HDS-certified infrastructure for high-performance, secure AI applications.
GPU
NVIDIA GPU instances to accelerate your artificial intelligence and high-performance computing in a sovereign cloud.
Data
Data solutions to manage, analyse and exploit your critical data.
Discover the Data offer
Databases
Managed MariaDB
A fully managed MariaDB relational database and PITR backup on SecNumCloud sovereign infrastructure.
Managed PostGreSQL
The fully managed relational database solution on SecNumCloud sovereign infrastructure
Big Data
Managed Kafka
The open-source distributed platform for streaming data in real time
Managed File System
A managed, sovereign, high-availability distributed file system, accessible via NFS and SMB on the SecNumCloud infrastructure.
Management & Governance
Coaching and support services to help you with your cloud transformation.
Find out about our support services
Support
Support levels
Discover the 3 levels of support available to help you meet your challenges.
Professional services
From design to optimisation, Cloud Temple is with you every step of the way.
Governance
Console - API - Terraform Provider
A single interface for viewing and managing your products and services
Observability
Infrastructure metrics available in market standards
About us
The company
Who are we?
Management team
Locations
CSR commitments
Sectors
Public sector
Health
Financial sector
Industry
Our approach
Our compliance procedures
Our SecNumCloud approach
Trusted AI
Interoperability & hybridity
Transparency in the processing of health data
Newsroom
The magazine
Events & Webinars
Press releases
In the media
Documentary database
Careers
Working at Cloud Temple
Join us
Become a partner
Software publishers
Managed Services Providers
FR AT FROM IT
Contact

Transparency in the processing of health data

Cloud Temple provides HDS-certified hosting and facilities management services specifically tailored to the challenges of the healthcare sector.

In application of requirement 31 of the ANS HDS V2 standard, this section details the procedures for the transfer of personal health data (PHCD) operated by Cloud Temple, both within and outside the European Economic Area.

Access mapping
Company name Role in providing accommodation HDS certified SecNumCloud 3.2 qualified Accommodation activities in which the player is involved Access to personal health data from countries outside the European Economic Area, by the Host or one of its subcontractors (requirement no. 29 of the HDS standard) Host or subcontractor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU law (requirement no. 30 of the HDS standard)
Cloud Temple Host Yes (Cloud Temple certification) Yes (Cloud Temple qualification) HDS-certified activities: 2, 3, 4, 6 Hosting and outsourcing of backups No, no access to data from outside the European Economic Area No, there is no risk of unauthorised access to the data covered by requirement 30 of the HDS standard.
Cloud Temple Host Yes (Cloud Temple certification) No HDS-certified activities: 5 Outsourcing carried out exclusively from France No, no access to data from outside the European Economic Area No, there is no risk of unauthorised access to the data covered by requirement 30 of the HDS standard.
Freelance engineers based in Tunisia Subcontractor Yes (Cloud Temple certification) No HDS-certified activities: 5 Outsourcing carried out by mixed teams, including staff based in France and freelance engineers based in Tunisia. Yes, access not covered by an adequacy decision within the meaning of Article 45 of the RGPD: Tunisia (further information below) Yes, risk of unauthorised access to data covered by requirement no. 30 of the HDS standard: Tunisia (additional information below)

Access to personal health data from countries outside the European Economic Area

Type of access

  • Nature of the data : Personal data hosted on outsourced customers' information systems
  • Categories of data: All categories of personal data stored by customers in their information systems.
  • Persons concerned: Customers, employees, suppliers or other contacts of managed services customers
  • Storage location: France
  • Purpose of the transfer: Managed services
  • Legal basis for the transfer: Standard Contractual Clauses (SCC)
  • Access to data : Technical administration rights over infrastructures. No operational access to health data, except for duly documented critical maintenance actions.
  • Scope of intervention: Access limited to the storage and technical infrastructure hosting the data, without processing the content.

Risk of access imposed by the legislation of a third country in breach of EU law (requirement no. 30 of the HDS standard)

  • Tunisian law places restrictions on government access to personal data.
  • Article 76 of Organic Law no. 2004-63 prohibits the transfer of data likely to undermine public security or Tunisia's vital interests.
  • However, there are exceptions for reasons of national security, defence or international relations. The public body may refuse access to information in these cases.
  • The Instance Nationale de Protection des Données à Caractère Personnel (INPDP) has the power to access personal data being processed in order to verify it.
  • Residual risk: Potential access by the Tunisian authorities strictly limited to cases of national security or defence cited by law.

Appropriate safeguards and guaranteess

Contractual measures

  • Standard contractual clauses (SCC) :
  • Use of CCTs adopted by the European Commission on 4 June 2021, based on the model recommended by the CNIL
  • These clauses provide a legal framework for transfers of personal data outside the EU
  • They incorporate the requirements of the RGPD and the recommendations following the Schrems II ruling.

Technical measures

  • Strong encryption of data during transfer and processing
  • Implementation of strict access controls and strong authentication
  • Network segmentation and data partitioning
  • Data access logging and monitoring
  • Regular updating of security systems and applications
  • Encrypted backup and regular restore tests

Organisational measures

  • Background checks on staff
  • ISO 27001 certification covering outsourcing activities
  • Ongoing training for the provider's staff on data protection and information security
  • Rapid notification procedure for access requests from the Tunisian authorities
  • Implementation of a documented and regularly updated information security policy
  • Procedures for managing security incidents and data breaches
  • Regular information security risk assessments
  • Setting up a business continuity and disaster recovery plan

Data Protection Officer

Contact: dpd@cloud-temple.com

Contact our teams

 

Cookie policy

We use cookies to give you the best possible experience on our site, but we do not collect any personal data.

Audience measurement services, which are necessary for the operation and improvement of our site, do not allow you to be identified personally. However, you have the option of objecting to their use.

For more information, see our privacy policy.

Authorise Refuse