What security certifications does Comply have?

Cloud services from AWS

We use a world-leading cloud that follows global security policies.

Our security is certified by AWS (Amazon web Service)

User security on Comply’s platform is guaranteed by:

  • Secure transmission channels (https)
  • Encryption of data sent by the user to Comply
  • Two-factor authentication, which requires users to confirm their identity in two separate and distinct forms

Peppol access point

Comply is an accredited Peppol Service Provider for document exchange, guaranteeing you of its security for this type of document exchange.

The aim of the Peppol project is to bring Public Administrations and enterprises closer together, digitizing the procedures for preparing and awarding the pre-award phase of tenders, as well as the execution and fulfillment of the tender contract (post-award phase).

By leveraging Comply, you can achieve end-to-end integration of your corporate information system and the OpenPeppol network, for all post-award tender processes.


OFTP2 (Odette File Transfer Protocol) is the communication protocol created for EDI (Electronic Data Interchange) applications within complex systems and organizations, where security and traceability are essential.

Compared to other protocols, it is characterized by:

  • its transmission speed
  • native handling of return receipts
  • two-tier message routing


The AS2 protocol is widespread among large retail and e-commerce companies.

This standard provides for signing and encryption of messages exchanged over an HTTPS connection, and handles signed return receipts.

Comply uses software components certified by the AS2 Drummond Group, the global leader in Interoperability Software Testing.

ISO Certifications

Comply exclusively uses certified data centres to manage the services of:

  • Cloud Computing and Cloud Storage
  • High Availability and Disaster Recovery
  • e-mail
  • domains and Internet sites
  • IT security

Specifically, the certifications required are:

  • ISO 9001 which validates the quality management system, i.e. the ability to provide products and services corresponding to specific requirements
  • ISO 14001 that governs the design of efficient environmental management systems
  • ISO 27000 which relates to the tools necessary to implement an information security management system