(Current version: September 2025)
Context
Illizeo attaches paramount importance to the protection of personal data of its clients and their employees.
In accordance with Article 28 of the General Data Protection Regulation (GDPR), Illizeo ensures that all its subcontractors comply with the same legal, contractual and technical requirements as those imposed on Illizeo.
Below is the current list of subcontractors used by Illizeo in the provision of its Illizeo Cloud Solutions SaaS services.
Subcontractors involved in data processing
Contractual scope
The subcontractors below are involved in the provision, maintenance and support of Illizeo Cloud Solutions services. They may access certain personal data under conditions strictly governed by contracts compliant with Article 28 of the GDPR and the Swiss Federal Data Protection Act (FADP).
Some subcontractors are optional: they are only activated if the client uses a specific feature or module (for example, electronic signature or SSO).
| Name of subcontractor | Country | Service Type | Data concerned | Guarantees |
| Infomaniak Network SA | Switzerland | Cloud hosting, databases, backups | HR data, customer documents, configuration files | 100% hosted in Switzerland, GDPR & LPD compliant, ISO 27001 certified |
| Microsoft Ireland Operations Ltd. | UE | Authentication (Entra ID), document storage (OneDrive), collaborative tools | Identifiers, access metadata, internal documents | Hosting in the EU, GDPR compliance, ISO 27001 |
| Atlassian Pty Ltd. | UE / USA | Ticket management and project documentation (Jira, Confluence) | Contact details, support ticket content | Standard contractual clauses, GDPR compliance |
| Google Ireland Ltd. | UE | Internal collaboration tools (Google Workspace) | Illizeo internal data only | GDPR compliance, ISO 27001 |
| DocuSign Inc. | UE / USA | Electronic signature of contracts | Last name, first name, email address, signature, metadata of the signed document | Standard contract clauses, GDPR compliance, ISO 27001 |
| Adobe Inc. (Adobe Sign) | UE / USA | Alternative electronic signature | Last name, first name, email address, electronic signature | Standard contractual clauses, GDPR compliance |
| Okta Inc. | UE / USA | Authentication and identity management (SSO) | Identifiers, login metadata | Standard contractual clauses, GDPR compliance |
| Verifi, Inc. | USA | Données des utilisateurs professionnels et données des clients finaux | Outil permettant de résoudre et de réduire les litiges liés aux transactions | |
| Stripe | IRL | Online payment platform enabling businesses to accept and manage payments over the Internet. | Customer details (name, email address, billing address), payment information (card number, bank account), transaction amounts and dates, as well as technical data related to the device/browser for fraud detection. | GDPR (UE), le UK GDPR, et la CCPA – EU‑US Data Privacy Framework, le Swiss‑US Data Privacy Framework – administrative, technical, and physical safeguard |
Contractual obligations and compliance
Illizeo ensures that:
- Each subcontractor is bound by a subcontracting agreement compliant with Article 28 of the GDPR.
- No data transfer outside the European Union or Switzerland is carried out without appropriate safeguards (Standard Contractual Clauses, local hosting, or adequacy decision).
- Subcontractors implement robust technical and organizational measures to ensure data security, confidentiality and integrity.
- Subcontractors only process data on documented instructions from Illizeo.
Notifications and updates
Illizeo undertakes to inform its clients in advance of any change of subcontractor, giving them the opportunity to object in accordance with the Data Processing Agreement (DPA) signed with Illizeo.
This list is kept up to date continuously and available at any time from this page.
Contact
For any questions regarding data protection and subcontracting:
Illizeo Sàrl
Address: Chemin des Saules 12A, 1260 Nyon, Switzerland
Email: dpo@illizeo.com
