Aller au contenu
Vérifié indépendamment · Ré-audit trimestriel
EU VETTED

Tresorit

VéRIFIé
Partage de fichiers · Switzerland
Fondé en 2011 · tresorit.com ↗

Swiss-Post-owned (state-anchored) E2E encrypted enterprise cloud storage (Tresorit AG, Zurich), Swiss + EU DC options, ISO 27001.

En bref

Tresorit, dans la catégorie Partage de fichiers, propose un hébergement dans l’UE avec Ireland comme lieu d’hébergement, mais une maison mère ou un sous-traitant américain laisse une exposition matérielle au CLOUD Act.

Notes d’évaluation

Tresorit AG (Zurich, Pfingstweidstrasse 60b; CHE-349.825.210) is the enterprise-grade zero-knowledge end-to-end-encrypted cloud-storage product founded in 2011 by István Lám and Szilveszter Szebeni in Hungary and majority-acquired by Swiss Post (the Swiss state-owned postal operator) in 2021; Swiss Post is now sole shareholder, putting the company under Swiss government / state-anchored ownership; ISO/IEC 27001:2022 certified by TÜV Rheinland, GDPR + HIPAA + ITAR + FINRA + CCPA + CJIS + DORA + NIS2 + TISAX coverage, customer-selectable Swiss or EU data residency, contracts under Swiss law / Swiss Federal Act on Data Protection. The verified sub-processor list (2026-06) shows Tresorit's primary hosting is Microsoft Azure (a US-owned hyperscaler), which raises CLOUD Act exposure to material on a structural reading; in practice the zero-knowledge end-to-end encryption means Azure stores only ciphertext and Tresorit holds no keys, so compelled disclosure yields no readable content. State-anchored Swiss (Swiss Post) ownership, ISO/IEC 27001:2022 certified by TÜV Rheinland; the DPA is account-gated (paid plan + Subscription Owner role) with no standalone public URL, the key documentation gap.

CLOUD ACT
OWNERSHIP
SUB-PROCS
15 · 13 US
Signaux vérifiés
Juridiction
  • Hébergement UE / adéquation
  • Opérateur UE / adéquation
  • Aucune exposition au CLOUD Act
Transparence
  • DPA public
  • Sous-traitants divulgués
  • Clients open source
  • Certification tierce
JUMP TO
OVERVIEW

À propos de Tresorit

Tresorit is the enterprise zero-knowledge end-to-end-encrypted cloud-storage product operated by Tresorit AG at Pfingstweidstrasse 60b, 8005 Zurich, Switzerland (CHE-349.825.210), with offices also in Budapest, Hungary and Munich, Germany. Founded in 2011 by Hungarian engineers István Lám and Szilveszter Szebeni, the company built its reputation around mathematically-provable client-side encryption: every file, file name, and metadata is encrypted on the user device before upload, so neither Tresorit nor any data-centre operator can access plaintext customer content. The company serves 11,000+ organisations with 4.9 / 4.5 G2 / Capterra ratings.

For an EU-sovereignty audit Tresorit's ownership story is unusually strong. In July 2021 Swiss Post (the Swiss state-owned postal and digital-services operator) acquired a majority stake; as of 2026 Swiss Post is the sole shareholder, making Tresorit a fully Swiss-state-anchored entity. This pushes the directory's other (Switzerland) classification into the highest end of that tier: Swiss jurisdiction with state-owned parent is structurally as close to "sovereign" as a vendor can credibly claim. The compliance footprint matches: ISO/IEC 27001:2022 certified by TÜV Rheinland (covering sales, development, maintenance, and support of E2E-encrypted cloud services), plus alignment with GDPR, HIPAA, ITAR, FINRA, CCPA, CJIS, DORA, NIS2, and TISAX, an unusually broad regulated-industry coverage including US healthcare (HIPAA), US defence-export controls (ITAR), US financial markets (FINRA), and US criminal-justice systems (CJIS) for the rare global customers who need that combination on top of a Swiss-jurisdiction base. Customer-selectable Swiss or EU data residency, contracts under Swiss law and the Swiss Federal Act on Data Protection.

Pricing in EUR: a Personal Plus tier starts at approximately €10/month for ~1 TB; Business plans start in the €14-30/user/month range across SecureCloud and Engage tiers; Enterprise is negotiated. Best fit: regulated enterprises (legal, financial-services, healthcare, defence), Swiss public-sector buyers, journalists and NGOs, and any organisation needing a Dropbox / Box / OneDrive replacement with mathematically-provable zero-knowledge encryption from a state-anchored Swiss vendor. Together with Proton Drive, Tresorit forms the directory's Swiss-encrypted file-sharing dual-pick; Proton wins on consumer / freemium and ecosystem breadth (Mail/VPN/Pass/Calendar/Docs), Tresorit wins on enterprise compliance breadth and the unique Swiss-Post state-owned governance.

SUB-PROCESSORS

Carte des sous-traitants · 15

Source ↗
  • Amazon Simple Email Service (SES) US
    United States

    Transactional and notification emails (data in Ireland/EU)

  • DocuSign US
    United States

    Electronic signatures for agreements

  • Google reCAPTCHA US
    United States

    Fraud and misuse prevention during checkout

  • Microsoft Azure US
    United States

    Primary hosting (E2E-encrypted content stored in Ireland/EU) and application performance monitoring

  • Pardot (Salesforce) US
    United States

    Marketing campaigns for customers and subscribed visitors

  • PayPal US
    United States

    Online payments

  • Productboard US
    United States

    Customer feedback management

  • Salesforce US
    United States

    Customer relationship management (data in Ireland/EU)

  • SendGrid (Twilio) US
    United States

    Transactional and notification emails

  • Stripe US
    United States

    Payment processing

  • Twilio US
    United States

    Two-factor authentication (voice and SMS)

  • Zendesk US
    United States

    Customer support tools

  • Zuora US
    United States

    Subscription billing, invoicing and management

  • Tresorit GmbH EU
    Germany

    Affiliate sub-processor delivering Tresorit services

  • Tresorit Kft. EU
    Hungary

    Affiliate sub-processor delivering Tresorit services

13 sous-traitants sur 15 sont incorporés aux États-Unis. Exposition au CLOUD Act applicable.
CERTIFICATIONS

Référentiels & certifications

ISO/IEC 27001
ACTIVE
FEATURES

Matrice de fonctionnalités

Stockage payant (à partir de) 50 Go
Taille max. de fichier 2 Go
Synchro photos Non
Versionnage des fichiers Oui
Partage par lien Oui
Plateformes iOS macOS Windows Android Linux Web
INTéGRATION & ACCèS
REST API Yes
SSO (SAML / OIDC) Yes
CONFORMITé & GOUVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Tarifs & paliers

PAYANT
à partir de €10/mois
Voir la page tarifs ↗
PUBLIC DOCUMENTS

Documents publics

L'éditeur ne publie pas de DPA public. Sans contrat de sous-traitance accessible publiquement, les petits clients européens ne peuvent pas signer eux-mêmes l'accord : cela est consigné comme absence de DPA publique (voir Notre méthode).
  • Contrat de sous-traitance (DPA)
    — manquant
    manquant
  • Liste des sous-traitants
    support.tresorit.com/hc…
    Ouvrir ↗
  • Conditions d'utilisation
    tresorit.com/legal…
    Ouvrir ↗
ALTERNATIVES

Alternatives dans cette catégorie

Proton Drive
Switzerland · Fondé en 2014
SOUVERAIN UE

Swiss zero-knowledge encrypted cloud (Proton AG, non-profit-foundation-controlled), 11,496 owned servers, ISO 27001 + SOC 2, 5 GB free.

DPA public Sous-traitants Open source
FROM
€4/mois
CLOUD ACT
NONE
kDrive (Infomaniak)
Switzerland · Fondé en 1994
SOUVERAIN UE

Swiss kDrive cloud (Infomaniak, Geneva, since 1994), own Swiss DCs, ISO 27001 + B Corp 2025, district-heating heat recycling.

DPA public Sous-traitants Open source
FROM
€4/mois
CLOUD ACT
NONE
Internxt
Spain · Fondé en 2020
BASé UE

Valencia-based open-source zero-knowledge encrypted cloud (Internxt, 2020), post-quantum crypto, lifetime plans, 1 GB free, 1M+ users.

DPA public Sous-traitants Open source
FROM
€10/mois
facturé annuellement
CLOUD ACT
MINOR