Security, confidentiality and compartmentalization: how Answer Writer protects your data

The trust you place in us by entrusting us with your data is precious. That’s why Answer Writer has been designed to the highest security standards. Our approach is reassuringly transparent: strict confidentiality, watertight compartmentalization, trusted cloud infrastructure, advanced safeguards and regular audits. Discover how every aspect of Answer Writer contributes to the protection of your sensitive information.

Keeping your data confidential

We ensure that your data remains strictly confidential. In concrete terms, this means that no information you enter into Answer Writer is shared with third parties or reused for any other purpose. You remain the owner of your content, and we only use it to provide you with the service you expect – never for advertising, profiling or training external models. Respect for privacy is an integral part of our philosophy, in full compliance with the General Data Protection Regulation (GDPR).

Internally, access to your data is extremely restricted. Only certain authorized members of our technical team can access it, and only in the context of maintenance or support, with your explicit consent. Every member of our staff is bound by strict confidentiality obligations. This ensures that your sensitive information remains under your total control and safe from unwanted attention.

Compartmentalization: separate data for each customer

Answer Writer is designed on the principle of strict data compartmentalization. Each client has its own dedicated space: your data is never mixed with that of another organization. In practice, the information you import or generate via our platform is stored in an isolated environment, specific to your company. The solution is even supported by an artificial intelligence dedicated just to your organization (Answer Writer – Answer questionnaires and audits 10x faster with AI): your Answer Writer instance learns only from your data and business context, without ever incorporating information from other companies. This watertight wall ensures that even if a security incident were to occur at another customer, your data would remain intact, inaccessible and protected.

This separation also applies within your organization when you opt for the Corporate offer. A system of granular permissions by user role lets you control who can view or modify each piece of information. In concrete terms, each user only has access to the data they need, according to their responsibilities. For example, an employee will only have access to questionnaires or documents relevant to his/her mission, and nothing more. This internal compartmentalization reinforces confidentiality and limits the impact of any error or malicious access by confining it to a restricted portion of the system.

Secure European cloud hosting

The Answer Writer platform is based on the Microsoft Azure cloud infrastructure, with your data hosted exclusively in Europe. The choice of Azure guarantees a robust and highly secure infrastructure, with recognized cloud certifications (such as ISO 27001, SOC 2, etc.) and state-of-the-art physical protection in the data centers. By keeping your information on servers located in the European Union, we ensure that no data is transferred outside European jurisdiction without your consent. You therefore benefit from the contractual and technical guarantees of the Azure cloud in terms of RGPD compliance and security.

In practical terms, hosting your data in Europe on Azure means that it remains under the European legal framework, renowned for its strict data protection requirements. Microsoft Azure complies with RGPD obligations and is committed, via its contracts, to the confidentiality and non-use of customer data (Discover the platform – Smart Global Governance). What’s more, the infrastructure offers high availability: server redundancy, regular backups and disaster recovery plans are in place to preserve your information even in the event of a major technical contingency. So you benefit from a service that’s both secure and operationally reliable. Our Enterprise and Corporate customers can choose hosting outside Europe, with data centers available in over 20 countries.

Robust technical and organizational security measures

Answer Writer data security is not just about isolation or infrastructure: we deploy a range of technical and organizational measures to protect your information at every level. These protective measures form multiple layers of defense, minimizing the risk of data intrusion, leakage or loss. Among the measures we implement:

• Data encryption: All your data is encrypted both during storage (encryption at rest) and during exchanges with the platform (encryption in transit via SSL/TLS). So even if your data were intercepted, it would remain unreadable without the appropriate decryption keys.
• Enhanced access controls: Access to the platform is secured by strong authentication (strong passwords, etc.).
• Continuous supervision and alerts: Our technical teams constantly monitor the security status of the system. Logging and intrusion detection systems are in place to spot any anomalies. In the event of suspicious activity or unauthorized access attempts, security alerts are generated automatically, enabling us to intervene immediately if necessary (Answer Writer – Answer questionnaires and audits 10x faster with AI).
• Regular vulnerability testing: We regularly subject our applications and infrastructures to penetration tests and vulnerability scans. These proactive technical audits help us to identify the slightest potential vulnerability and correct it without delay, before it can be exploited. In addition, we systematically apply available software security updates to stay one step ahead of new threats.

Thanks to this set of technical and organizational defenses, your data is protected by a comprehensive approach to security, covering prevention, detection and incident response.

Certifications and audits: continuously verified and improved security

To provide you with every guarantee, Smart Global Governance has submitted its Answer Writer platform to recognized security certifications and audits. These external accreditations prove that our practices meet the most demanding standards on the market, and that an independent entity regularly verifies the effectiveness of our measures.

First and foremost, we are ISO 27001 certified, the international benchmark for information security management. This certification confirms that we have implemented a comprehensive and effective Information Security Management System, covering all technical and organizational processes aimed at protecting your data. What’s more, ISO 27018 certification confirms that we apply best practices for the protection of personal data in the cloud – an additional guarantee of confidentiality for all the personal information you process via Answer Writer (Discover the platform – Smart Global Governance).

In addition to ISO standards, we regularly have the security of our solution audited by independent bodies. In particular, our source code and architecture have been audited by PASSI (Prestataires d’Audit de la Sécurité des Systèmes d’Information) accredited service providers approved by ANSSI (Discover the platform – Smart Global Governance). These cybersecurity experts scrutinize our defenses to ensure that no critical vulnerabilities are present. The conclusions of these audits enable us to continually improve our system.

Finally, we adopt a continuous improvement approach to security. ISO 27001 certification, for example, involves an annual audit and an ongoing improvement cycle. We regularly reassess our procedures, update our protection protocols and adapt to new threats and regulatory requirements. Every audit feedback or technological evolution is an opportunity to further strengthen the platform’s security. So you can rest assured that your data is not protected in a static way, but that it is constantly evolving to stay at the cutting edge of the best standards.