Hosting in France
Production environments are hosted in France.
Tempolia describes the mechanisms actually implemented: data location, backups, account separation, permissions, exports and traceability.

These details can be included in an IT questionnaire, vendor assessment or contract review.
Production environments are hosted in France.
Every Tempolia account uses its own database, separating each organisation's data.
Data is backed up every night to another server in a different data centre.
Disks are mirrored so that an isolated hardware failure does not destroy data.
The administrator can request an ad hoc backup before an important operation.
Data remains the customer's property and can be retrieved through exports or APIs according to the subscribed scope.
Access is defined by profile, menu, scope and data type. OAuth2 is available, and SAML is offered with Enterprise.
Logins, sensitive actions, approvals, exports and maintenance operations are logged according to their nature.
The nightly backup is copied to another server. An ad hoc backup can also be triggered from the interface before a significant change.
Loading a backup is a sensitive operation: the scope, date, author and associated checks must be identified. Restore operations are restricted to authorised profiles.
Tempolia does not publish a generic recovery time that is not contractually guaranteed. Any specific RPO, RTO or availability requirements must be agreed with the customer.
Tempolia permissions combine menu access, read or edit level and data scope. They can differ by company, group, staff member, customer or engagement.
Sensitive values such as cost rates, selling prices or margin metrics can be hidden from selected profiles. Authorised managers retain control over configuration.
Tempolia applies security mechanisms to invoices, credit notes, payments, duplicates, exports and technical events. The product is working towards Category C NF525 certification.
Marketing communications must not present Tempolia as certified until the certificate has actually been issued. This page therefore describes the current state of the system, not a certification already obtained.
Issued invoices are kept separate from documents still in preparation. Corrections use documented operations, such as a credit note or reversal, rather than a silent modification of the original document.
Views and reports can be exported according to the user's permissions and scope.
The documented API supports integration of customers, engagements, time, expenses, documents and other data according to the available scope.
Associated documents can be included in the supported flows, particularly for accounting or archiving.
The format, schedule and expected data must be specified in the portability plan.
In France. Nightly backups are copied to another server in a different data centre.
Yes. Data can be retrieved through exports or APIs according to the agreed scope and portability plan.
The product is working towards NF525 certification. Certification will be mentioned only after the certificate has actually been issued.
OAuth2 is available. SAML SSO is included in the Enterprise plan.
We answer your security, data portability and compliance questionnaire point by point.