The Safety and Security of Yooz

Trust Yooz to protect your data.

The availability and reliability of invoicing software through the Yooz platform and the confidentiality and security of your data are our top priorities.


Data Security

As with any true SaaS application, all Yooz clients share the same platform. To increase the security and data separation, we manage the invoicing software data of each customer in a distinct database.

Access to the application is secured via HTTPS for the best level of security. User credentials require a “strong” password and password policy is configurable to match your internal policy.

Yooz is also regularly tested for vulnerabilities by external auditors to prevent any security breach. Among those auditors, Qualys (specializing in information security and compliance) and some of the largest financial audit firms who are also Yooz customers or resellers continuously ensure that Yooz respects their respective compliance requirements.


Best-of-Breed Datacenters

Hosting is a key component for any cloud application that requires unique expertise. Because of this, Yooz has carefully selected its datacenters based on the quality and security of their infrastructures, service level agreements and their international presence.

The hosting infrastructures that the Yooz invoicing software was built on can support the high availability of the solution thanks to the redundancy of all critical components and real-time data replication. The measured availability was above 99.9% in the past 12 months.

Our datacenters have the following certifications:


  • CJIS
  • DFARS (Defense Federal Acquisition Regulation Supplement)
  • DoD (Department of Defense, DoD) aux niveaux d’impact 5, 4 et 2.
  • FDA CFR Title 21 Part 11 (Food and Drug Administration)
  • FERPA (Family Educational Rights and Privacy Act)
  • FIPS 140-2 (Federal Info Processing Standard)
  • HIPAA/HITECH (Health Insurance Portability & Accountability Act)
  • HITRUST (Health Information Trust Alliance)
  • IRS 1075 (US Internal Revenue Service Publication 1075)
  • ITAR (International Traffic in Arms Regulations) aux États-Unis)
  • MARS-E (Minimum Acceptable Risk Standards for Exchanges, MARS-E)
  • NIST 800-171
  • NIST CSF (National Institute of Standards and Technology)
  • PCI DSS (Payment Card Industry Data Security Standard) Level 1 version 3.1


  • CDSA (Content Delivery and Security Association) et CPS (Content Protection and Security).
  • CSA STAR Attestation (Cloud Security Alliance)
  • ISO 9001
  • ISO 20000-1:2011
  • ISO 22301
  • ISO 27001
  • ISO 27017
  • ISO 27018
  • MPAA
  • SOC 1
  • SOC 2


  • FACT (Federation Against Copyright Theft)
  • NHS IG Toolkit
  • UK Cyber Essentials PLUS
  • UK G-Cloud