Skip to content
Independently verified · Quarterly re-audit
EU VETTED

Didomi

VERIFIED
Cookie consent · France
Founded 2017 · didomi.io ↗

Paris-based enterprise CMP (founded 2017); ISO 27001, Google-certified CMP; clients include Volvo, Michelin, Yahoo.

In short

Didomi, in the Cookie consent category, is a European service with France as its hosting location and at most minor, transient US exposure under the CLOUD Act.

Assessment notes

Didomi (Paris FR, founded 2017) is ISO 27001 certified, Google-certified CMP, IAPP Bronze Member, enterprise customer base (Volvo / Yahoo / Michelin / Lacoste / Rakuten); funded primarily by EU + FR investors (Breega, Elaia, BPI France, Smartfin) with no identified US-PE majority, ownership_signal: eu_owned, minor CLOUD Act exposure; DPA and sub-processor list not publicly surfaced.

CLOUD ACT
OWNERSHIP
SUB-PROCS
0 none disclosed
Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About Didomi

Didomi (Paris, France, founded 2017) is an enterprise-grade Consent Management Platform with a strong roster of European brands: Volvo, Yahoo, Michelin, Lacoste, Rakuten. ISO 27001 certified, Google Certified CMP partner, IAPP Bronze Member. The platform covers consent collection, Preference Management, Privacy Request automation, Compliance Monitoring, and server-side tagging, broader than pure cookie-banner vendors. Cap table is mostly European (Breega, Elaia, BPI France, Smartfin), no US PE majority identified at time of research. For French / European procurement buyers wanting an alternative to the Vista-controlled Usercentrics / Cookiebot stack, Didomi is the strongest enterprise CMP option in the catalogue.

SUB-PROCESSORS

Sub-processor map · none disclosed

Source ↗
Vendor discloses zero sub-processors. All data processing happens in-house.
CERTIFICATIONS

Frameworks & certifications

ISO/IEC 27001
ACTIVE
FEATURES

Capability matrix

White-label Yes
IAB TCF v2 Yes
Google Consent Mode Yes
Auto cookie scan Yes
Geo-targeting Yes
Consent logging Yes
Multilingual Yes
Free tier No
INTEGRATION & ACCESS
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option No
PRICING

Pricing & tiers

PAID
from €19/mo
View pricing page ↗
PUBLIC DOCUMENTS

Public documents

Vendor does not publish a public DPA. Without a publicly accessible Data Processing Addendum, small EU customers cannot self-serve the processor agreement. This is recorded as no public DPA (see How we assess).
  • Data Processing Addendum (DPA)
    — missing
    missing
  • Sub-processors list
    trust.didomi.io/subprocessors…
    Open ↗
ALTERNATIVES

Alternatives in this category

ConsentManager
Germany · Founded 2017
EU-SOVEREIGN

German-owned CMP with own EU data centres (not hyperscaler); ISO 27001, IAB TCF v2 ID 31, 100K+ websites, from €23/mo.

Public DPA Sub-processors Open source
FROM
€23/mo
CLOUD ACT
NONE
Cookiebot
Denmark · Founded 2012
EU-HOSTED

Danish cookie consent (Cybot A/S, est. 2012); ISO 27001 + ISO 27701; acquired by Usercentrics 2022 (now Vista Equity-owned).

Public DPA Sub-processors Open source
FROM
€11/mo
CLOUD ACT
MATERIAL
Iubenda
Italy · Founded 2010
EU-BASED

Italian privacy-compliance toolkit (Milan, est. 2010); 150K+ customers; subject to direction of Team.blue NV (Belgium).

Public DPA Sub-processors Open source
FROM
€2/mo
CLOUD ACT
MINOR