| SOV-1 Strategic Sovereignty | SEAL-4 | |
| SOV-2 Legal & Jurisdictional Sovereignty | SEAL-4 | |
| SOV-3 Data & AI Sovereignty | SEAL-3 | |
| SOV-4 Operational Sovereignty | SEAL-3 | |
| SOV-5 Supply Chain Sovereignty | SEAL-3 | |
| SOV-6 Technology Sovereignty | SEAL-2 | |
| SOV-7 Security & Compliance Sovereignty | SEAL-3 | |
| SOV-8 Environmental Sustainability | SEAL-3 | |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-1.1 | EU/EEA legal entity control | 4. Entirely within the EU | 125/125 | SEAL-4 | high | Oodrive SAS is incorporated and headquartered in Paris, France; founders retain a majority stake and remaining capital is held by French investors (Tikehau Capital). Entirely within the EU (src: https://www.oodrive.com/secnumcloud/). |
| SOV-1.2 | Change of control risk | 4. Unlikely takeover/transfer to non-EU sovereign entity | 94/125 | SEAL-4 | medium | Founder-led with majority founder ownership and French PE backing; a sovereign cloud positioning and SecNumCloud business make a takeover by a non-EU sovereign entity unlikely, though PE-held minority stakes mean it is not 'very unlikely'. |
| SOV-1.3 | Control over roadmap | 4. Full influence of EU actors | 125/125 | SEAL-4 | medium | As a French software publisher developing its own products, EU customers (notably French public sector and regulated industries) have full influence over the roadmap through direct contractual relationships. |
| SOV-1.4 | Financial independence from non-EU capital | 5. Entirely EU-based funding | 125/125 | SEAL-4 | high | Funding is entirely EU-based: founders plus French investors Tikehau Capital, NextStage AM, and earlier French/EU funds. No non-EU capital identified. |
| SOV-1.5 | EU economic contribution | 5. Fully in the EU | 125/125 | SEAL-4 | high | Operations, staff, data centers and revenue base are fully in France/EU; economic contribution is fully in the EU. |
| SOV-1.6 | Participation in EU strategic programs | 3. Active participant in strategic projects | 63/125 | SEAL-4 | medium | Oodrive is an active sovereign-cloud advocate (publicly engaged on SecNumCloud/EUCS standards) and a recognized French sovereign actor, indicating active participation in EU/national strategic efforts. |
| SOV-1.7 | Alignment with EU industrial strategies | 3. Measured achievement and dedicated governance | 83/125 | SEAL-4 | medium | Clear, sustained sovereignty strategy with measured achievement (first French SaaS publisher SecNumCloud-qualified, end-to-end 3.2) and dedicated governance/compliance function (src: https://www.oodrive.com/fr/actualites/oodrive-obtient-qualification-secnumcloud-au-niveau-3-2-pour-sa-suite-collaborative-francaise/). |
| SOV-1.8 | Resilience to cut-off | 5. Full autonomy and continuity | 125/125 | SEAL-4 | medium | own_stack: vertically integrated EU provider - self-developed software on Oodrive-owned hardware in its own French data centers, SecNumCloud 3.2 qualified end-to-end with no non-EU operational vendor (only residual commodity chips). Full autonomy and continuity per key judgment call #1. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-2.1 | Primary legal jurisdiction | 3. Exclusively EU law | 167/167 | SEAL-4 | high | French company with French/EU-only hosting; subject exclusively to EU/French law, explicitly positioned as not subject to non-European laws (src: https://www.oodrive.com/secnumcloud/). |
| SOV-2.2 | Extraterritorial laws exposure | 5. Verified legal immunity, non-EU laws unenforceable | 167/167 | SEAL-4 | high | immunity: SecNumCloud 3.2 qualification requires immunity from extra-EU law (HQ and capital on EU territory); Oodrive is a French-controlled entity with French data centers and explicitly states it is not subject to the US CLOUD Act or FISA, making non-EU laws unenforceable -> verified legal immunity opt5 (src: https://www.oodrive.com/secnumcloud/). |
| SOV-2.3 | Data access pathways for non-EU authorities | 5. Requests always rejected by the provider | 167/167 | SEAL-4 | high | As a French SecNumCloud-qualified provider with no non-EU parent or establishment, it has no legal pathway to compel data disclosure to non-EU authorities; such requests would be rejected (src: https://www.oodrive.com/secnumcloud/). |
| SOV-2.4 | Export control restrictions | 5. Part of offer shielded from restrictions towards EU MSs/intl orgs | 167/167 | SEAL-4 | medium | French-developed and French-operated offer with EU-only customer base; no foreign export-control regime can restrict supply to EU Member States or international organisations. |
| SOV-2.5 | Origin of IP | 5. Fully within the EU | 167/167 | SEAL-4 | high | Oodrive is a software publisher that designs and develops its own products in France; the core IP is fully within the EU. |
| SOV-2.6 | IP holder jurisdiction | 5. Fully under EU law | 167/167 | SEAL-4 | high | The IP holder is the French Oodrive SAS, so IP is held fully under EU (French) law. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-3.1 | Customer control over encryption keys | 4. Customer primary control but provider can read data | 150/200 | SEAL-3 | medium | Strong encryption (AES-256) with keys protected in HSM and per-customer compartmentalisation, giving customers primary control; however no documented zero-knowledge/BYOK scheme where the provider technically cannot read data, so not exclusive customer control -> opt4. |
| SOV-3.2 | Transparent data flows & access logs | 4. Full customer-controlled visibility, not real-time | 150/200 | SEAL-3 | low | SecNumCloud/ISO 27001 require access logging and customer-controlled visibility, but no evidence of real-time independent auditability is published, so full customer-controlled (non-real-time) visibility is the best fit -> opt4. |
| SOV-3.3 | Secure deletion & proof of erasure | 4. Deletion technically verified with access logs | 150/200 | SEAL-3 | low | SecNumCloud and HDS impose verifiable deletion controls with access logs; deletion is technically verified, but independent proof of irreversible erasure to the customer is not clearly documented -> opt4. |
| SOV-3.4 | Data location strictly in EU/EEA | 5. Exclusively EU, no third-country fallback | 200/200 | SEAL-4 | high | eu_exclusive: data hosted exclusively in two French data centers operated by Oodrive (active/active geo-cluster) with no third-country fallback; SecNumCloud forbids non-EU data location -> opt5 (src: https://www.oodrive.com/secnumcloud/). |
| SOV-3.5 | AI services sovereignty | 4. EU-led AI, foreign accelerators | 150/200 | SEAL-3 | low | Oodrive states hosted data is not used for model training and any AI is EU-operated within its controlled framework, but inference still depends on foreign GPU/accelerator hardware; EU-led AI on foreign accelerators is the best fit -> opt4. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-4.1 | Portability & interoperability | 4. Formal migration services available | 125/167 | SEAL-4 | medium | Standard documented data export plus SecNumCloud-mandated reversibility/migration provisions; positioned as portable away from GAFAM. Formal migration services available -> opt4. |
| SOV-4.2 | Ability to operate without foreign dependencies | 5. Entire stack managed by fully EU-based team | 167/167 | SEAL-4 | high | eu_ops: entire stack (software development, hosting, operations) is managed by Oodrive's fully French/EU-based teams without intermediaries; SecNumCloud 3.2 end-to-end -> opt5 (src: https://www.oodrive.com/secnumcloud/). |
| SOV-4.3 | Skill availability in the EU | 4. All EU staff | 125/167 | SEAL-3 | medium | Workforce is France-based; SecNumCloud requires EU staffing. All-EU staff is well supported, though no provider-wide security-clearance requirement is documented across all roles -> opt4. |
| SOV-4.4 | Support channels | 4. All support staff in EU | 125/167 | SEAL-3 | medium | Support is delivered from France by Oodrive's own qualified teams; all support staff in the EU. No published clearance requirement for all support staff -> opt4. |
| SOV-4.5 | Documentation & knowledge transfer | 4. EU-only primary repositories | 125/167 | SEAL-4 | low | SecNumCloud-qualified, France-only operation implies EU-only primary documentation repositories; full end-to-end EU-only chain not explicitly evidenced -> opt4. |
| SOV-4.6 | Subcontractor & supplier jurisdiction | 4. Ability to source alternatives or internalise | 125/167 | SEAL-3 | low | SecNumCloud requires controlled subcontractors within the EU; Oodrive operates its own infrastructure, giving ability to source alternatives or internalise rather than depending on a single critical non-EU subcontractor -> opt4. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-5.1 | Origin of components (physical parts) | 3. Transparent with exceptions | 72/143 | SEAL-3 | low | Oodrive owns its hardware but the physical components (servers, chips) are sourced from global OEMs; SecNumCloud entails supply transparency, so transparent-with-exceptions best fits -> opt3 (seal 3). |
| SOV-5.2 | Manufacturing location | 3. Mixed sourcing, EU audit rights | 72/143 | SEAL-3 | low | Server hardware is foreign-designed but owned and operated by Oodrive under SecNumCloud audit rights (mixed sourcing with EU audit rights), consistent with the cluster anchor Clever Cloud -> opt3 (seal 3). |
| SOV-5.3 | Embedded code/firmware provenance | 2. Partial disclosure | 36/143 | SEAL-4 | low | Firmware/microcode in commodity servers comes from foreign vendors with at best partial disclosure; not under EU control -> opt2 (seal 4). |
| SOV-5.4 | Origin of software | 5. Exclusively designed/maintained by EU teams | 143/143 | SEAL-4 | high | Oodrive is a software publisher that designs and maintains its application software exclusively with French/EU teams; SecNumCloud 3.2 qualifies the software layer itself -> opt5 (src: https://www.oodrive.com/secnumcloud/). |
| SOV-5.5 | Software build/release jurisdiction | 5. EU control + EU policy gates | 143/143 | SEAL-4 | medium | Software is developed, built and released in France under EU control; SecNumCloud imposes controlled build/release processes equivalent to EU control plus policy gates -> opt5. |
| SOV-5.6 | Single point of dependency | 4. Few non-EU in non-critical services, documented | 107/143 | SEAL-3 | low | Core service has no non-EU vendor dependency (own software, own hosting), with only non-critical hardware/components sourced from non-EU vendors; documented under SecNumCloud -> opt4 (seal 3). |
| SOV-5.7 | Supply chain transparency | 4. Most suppliers auditable | 107/143 | SEAL-3 | low | SecNumCloud qualification requires auditable supplier/subcontractor management; most suppliers are auditable, though full hardware-supply-chain auditability is not evidenced -> opt4 (seal 3). |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-6.1 | Interoperability & open interfaces | 4. Standards-based and broadly compatible | 150/200 | SEAL-3 | low | Standards-based: Oodrive exposes documented APIs and supports integration/export over standard protocols (eIDAS, TLS, standard file formats), giving broad interoperability even though the products themselves are proprietary SaaS -> opt4 (seal 3). |
| SOV-6.2 | Open standards compliance | 4. Policy for most core services | 150/200 | SEAL-3 | low | Core services rely on common open standards (eIDAS, standard file formats, TLS) for interoperability across most core services -> opt4 (seal 3). |
| SOV-6.3 | Open source availability | 1. Fully closed-source, vendor-controlled | 0/200 | SEAL-2 | medium | Genuine differentiator vs the open-source members of the cluster: Oodrive's products are proprietary, closed-source SaaS controlled by the vendor with no significant open-source release of its core software -> opt1 (seal 2). This is the real ceiling that caps Oodrive at SEAL-2 despite its end-to-end SecNumCloud sovereignty. |
| SOV-6.4 | Service architecture transparency | 3. Some public insight | 100/200 | SEAL-3 | low | Publishes security/compliance documentation and architecture overviews publicly; some public insight into service architecture -> opt3. |
| SOV-6.5 | HPC sovereignty | 2. EU-hosted, foreign stack | 50/200 | SEAL-3 | low | No in-scope HPC: Oodrive is a collaborative SaaS provider, not an HPC operator, so there is no imported foreign HPC dependency. Per key, 'no in-scope HPC' maps to opt2 (seal 3), not penalised for absence. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-7.1 | Security certification (EAL) | 5. EAL4-5 | 143/143 | SEAL-4 | medium | SecNumCloud 3.2 qualification (ANSSI), the highest French cloud assurance level (end-to-end, infra + software), maps to the top EAL tier per the key (src: https://www.oodrive.com/fr/actualites/oodrive-obtient-qualification-secnumcloud-au-niveau-3-2-pour-sa-suite-collaborative-francaise/). |
| SOV-7.2 | EU regulatory compliance (GDPR/NIS2/DORA) | 5. Fully compliant to all, independently audited | 143/143 | SEAL-4 | high | Independently audited compliance with GDPR, NIS2, DORA, ISO 27001/27701, HDS, eIDAS and SecNumCloud; fully compliant and externally verified (src: https://www.oodrive.com/group-news/oodrive-renews-iso-27001-iso-27701-hds-2-0-certifications/). |
| SOV-7.3 | EU-based SOC & incident handling | 4. Entire lifecycle by EU teams, EU threat intel | 107/143 | SEAL-3 | medium | Security operations and incident handling are run by Oodrive's French teams as required by SecNumCloud; full lifecycle by EU teams, though formal ENISA/CSIRT sharing not explicitly evidenced -> opt4 (seal 3). |
| SOV-7.4 | Control over security monitoring/logging | 4. Full direct access, logs stored in EU | 107/143 | SEAL-3 | low | SecNumCloud/ISO 27001 require logging with logs stored in the EU and customer access to monitoring; full direct access with EU-stored logs is the best fit, though tamper-proof immutability is not documented -> opt4 (seal 3). |
| SOV-7.5 | Disclosure of incidents | 4. Partial compliance, monitored flow, SLAs | 107/143 | SEAL-3 | medium | Complies with GDPR/NIS2 breach-notification obligations with monitored flow and SLAs; full real-time CSIRT sharing not explicitly documented -> opt4 (seal 3). |
| SOV-7.6 | Maintenance autonomy | 3. Moderate autonomy (notice + testing, except zero-day) | 72/143 | SEAL-4 | low | As operator of its own self-developed software and infrastructure, Oodrive has moderate-to-high maintenance autonomy (scheduled, tested deployments); moderate autonomy is the conservative fit -> opt3. |
| SOV-7.7 | Auditability | 5. Full independent audit by any entity | 143/143 | SEAL-4 | medium | audit_rights: SecNumCloud, ISO 27001, ISO 27701 and HDS subject Oodrive to recurring independent third-party audits, supporting full independent auditability -> opt5 (src: https://www.oodrive.com/group-news/oodrive-renews-iso-27001-iso-27701-hds-2-0-certifications/). |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-8.1 | Energy efficiency (PUE) | 3. PUE < 1.5 + roadmap | 125/250 | SEAL-4 | low | Operates modern French data centers (typical PUE around/below 1.5 with efficiency roadmaps) under SecNumCloud; Oodrive publishes no specific PUE figure -> opt3 (seal 4). |
| SOV-8.2 | Hardware reuse & recycling | 3. Documented program | 125/250 | SEAL-3 | low | Owns its own hardware and runs a documented RSE/circular program (paper sorting, plastic removal, hardware lifecycle, residual-emissions compensation) via a dedicated cross-department RSE group -> documented program opt3 (seal 3). |
| SOV-8.3 | Environmental impact reporting | 4. Detailed EU methodology | 188/250 | SEAL-3 | low | Publishes an annual carbon footprint (928 t CO2 in 2020) with a reduction plan and certified carbon-compensation under a structured RSE methodology -> detailed EU methodology opt4 (seal 3). |
| SOV-8.4 | Energy supplies | 2. Only EU energy supplies | 63/250 | SEAL-4 | low | Data centers in France draw on the EU (French) grid; EU energy supplies assumed, but no specific green/renewable sourcing documentation found -> opt2. |