Security & privacy

Security is at the heart of Ondes PRO — not a premium add-on.

Isolated instances

Each subscribed customer gets their own Docker container with dedicated database and volumes. Your data is never mixed with other customers.

Docs, Sheets, Slides, Drive and messaging use client-side encryption. The server only stores ciphertext — it cannot read your sensitive content.

Servers located in France, TLS encryption in transit and encryption at rest. Your data stays in the European Union.

Minimal data collection, no resale to third parties. Right of access, rectification and deletion — contact@ondes.pro.

Email authentication and JWT. User cryptographic keys generated client-side (Curve25519), never stored in plaintext on the server.

Granular RBAC per module: control precisely what each collaborator can see and do in your workspace.

→Keys generated in the browser — the server never sees the private key in plaintext.
→Drive: AES-GCM encrypted files, file keys encrypted with your master key.
→Chat: nacl.box for 1-to-1 messages, GDK with rotation for groups.
→Docs/Sheets/Slides: Yjs updates encrypted with nacl.secretbox — the server relays opaque ciphertext.

Test the platform in real conditions with a free 72-hour demo.