Sovereign infrastructure
Bunker operates 3 datacenters in France, with no dependency on hyperscalers (AWS, Azure, GCP). Your data is 100% hosted in France.
| Datacenter | Location |
|---|---|
| DC01 | Essarts-en-Bocage (Vendee) |
| DC02 | Saint-Gilles-Croix-de-Vie (Vendee) |
| DC03 | Nantes (Loire-Atlantique) |
Technical security measures
Encryption
TLS 1.2+ in transit, end-to-end backup encryption.
Network
WireGuard VPN (Headscale), strict network segmentation.
Protection
CrowdSec WAF, DDoS protection, intrusion detection.
Access
Centralized access control, access logging, strong authentication (Keycloak).
Backups
Replicated to a geographically separate datacenter, end-to-end encryption.
Organizational measures
Sovereign technology stack
All critical components are open source and self-hosted in our datacenters:
Keycloak
Authentication
PostgreSQL
Databases
Matomo
Analytics (CNIL exemption)
GitLab
CI/CD
Grafana / Loki / Tempo / Mimir
Observability
Ceph S3
Object storage
DocuSeal
Electronic signatures
Regulatory compliance
Target certifications
Bunker is pursuing the following certifications:
ANSSI qualification for cloud service providers.
International standard for information security management.
Report a vulnerability
If you discover a security vulnerability, we invite you to report it responsibly.
We commit to analyzing your report within 48 hours and keeping you informed of the measures taken.
Questions about our security?
Contact us at [email protected]