Reglyze
Trust Center

Reglyze is built on Reglyze

We use our own platform to manage Reglyze's NIS2 compliance posture. The data on this page is generated live from our own account — same scoring, same policies, same controls our customers use. No marketing fluff, just our actual numbers.

Last updated: 3 June 2026 at 14:03 • Refreshed hourly from api.reglyze.com/api/public/trust/reglyze

NIS2 Compliance Score
0/100
Organization

Name

Reglyze

Country

FR

Sector

digital_providers

Headcount

5

NIS2 Status

Out of scope
Reglyze is below the medium enterprise threshold (5 employees, EUR 0.1M turnover) and is not in a NIS2 special category. We comply voluntarily because our customers require evidence of security under their own NIS2 supply chain due diligence (Article 21(2)(d)).

NIS2 Article 21 Controls (12)

Each control is scored on implementation (0-3) and documentation (0-3). Maturity = combined.

nis2.21.2.j
nis2.21.2.jMissing

Implementation: 0/3Documentation: 0/3
nis2.20.1.a
nis2.20.1.aMissing

Implementation: 0/3Documentation: 0/3
nis2.20.2.a
nis2.20.2.aMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.a
nis2.21.2.aMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.b
nis2.21.2.bMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.c
nis2.21.2.cMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.d
nis2.21.2.dMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.e
nis2.21.2.eMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.f
nis2.21.2.fMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.g
nis2.21.2.gMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.h
nis2.21.2.hMissing

Implementation: 0/3Documentation: 0/3
nis2.21.2.i
nis2.21.2.iMissing

Implementation: 0/3Documentation: 0/3

Critical Suppliers (7)

The third parties we depend on. NIS2 Article 21(2)(d) requires organizations to manage supply chain risk.

Hetzner Online GmbH

Cloud infrastructure / hosting

critical

Data shared: All application data, customer accounts, encrypted backups

Cloudflare

CDN, DNS, WAF, TLS termination

critical

Data shared: All HTTP/S traffic metadata, no plaintext payloads

Anthropic

AI/LLM (Claude API for document generation)

high

Data shared: Customer organization context for document generation prompts

GitHub

Source code hosting and CI/CD

high

Data shared: Source code, deployment secrets via Actions

Resend

Transactional email delivery

medium

Data shared: Recipient email addresses (customer admins, vendor questionnaire contacts), email bodies (compliance notifications, vendor questionnaire requests, billing notices).

Google (Workspace + Drive via rclone)

Off-site backup destination

high

Data shared: Encrypted daily Postgres dumps + MinIO blob backups mirrored via rclone. Encryption at rest by Google; Reglyze does not currently apply client-side encryption on top.

Stripe

Payment processing and billing

high

Data shared: Customer billing details, subscription metadata

Security Policies (15)

All generated by Reglyze itself, tailored to our environment.

NIS2 Article 20(2) Training Certificate — Cyril Poder

Updated 17 May 2026

Approved

Reglyze Information Security Policy

Updated 17 May 2026

Approved

Reglyze Incident Response Plan

Updated 17 May 2026

Approved

Reglyze Business Continuity Plan

Updated 17 May 2026

Approved

Reglyze Backup and Disaster Recovery Plan

Updated 17 May 2026

Approved

Reglyze Supply Chain Security Policy

Updated 17 May 2026

Approved

Reglyze Vulnerability Management Policy

Updated 17 May 2026

Approved

Reglyze Effectiveness Testing Policy

Updated 17 May 2026

Approved

Reglyze Cybersecurity Training Plan

Updated 17 May 2026

Approved

Reglyze Cryptography Policy

Updated 17 May 2026

Approved

Reglyze HR Security Policy

Updated 17 May 2026

Approved

Reglyze Access Control Policy

Updated 17 May 2026

Approved

Reglyze Asset Management Policy

Updated 17 May 2026

Approved

MFA & Secured Communications Policy

Updated 17 May 2026

Approved

Board/Management Cybersecurity Briefing Deck

Updated 17 May 2026

Approved

Why we publish this

Most compliance vendors talk about security but never show their own posture. We think that's backwards. If our platform is good enough for our customers, it's good enough for us.

Every score, control, supplier, and policy on this page comes from the same Reglyze platform we sell. There's no separate trust portal, no manually-curated security PDF. It's the live data, refreshed hourly via our own public API.

You can verify it yourself: api.reglyze.com/api/public/trust/reglyze

Build your own trust page

Get your NIS2 compliance score, generate policies, and manage suppliers in one platform — the same one we use.